Conti ransomware hits VMware vCenter with Log4j exploit


Conti is pursuing lateral movement on VMware vCenter servers vulnerable to Log4j, making it the first major ransomware gang to weaponize the massive bug.

The prolific Russian-speaking ransomware group began exploiting the Log4j vulnerability for initial access and lateral movement in VMware vCenter networks on Wednesday, according to a report from New York-based AdvIntel released on Friday morning. Conti’s campaign resulted in the ransomware operator gaining access to victims’ vCenter networks in the US and Europe, AdvIntel said.

“One week after the Log4j2 vulnerability became known, AdvIntel discovered the most worrying trend – the exploitation of the new one [bug] from one of the most prolific organized ransomware groups – Conti,” wrote AdvIntel in a post on Friday. “[The] Log4j2 vulnerability emerges … for Conti the moment the syndicate has both the strategic intention and the ability to arm it for its ransomware …

