Adam Bannister January 11, 2022 at 15:21 UTC
Updated January 11, 2022 at 15:26 UTC
According to Microsoft, the cybercrime group is trying to deploy NightSky ransomware
A China-based ransomware operator has been actively exploiting the Log4j vulnerability in VMware Horizon, the desktop and app virtualization platform, for the past week, Microsoft warned.
“Based on our analysis, the attackers are using command and control (CnC) servers that spoof legitimate domains,” the software giant said in a supplement to its January 10 ongoing “Log4Shell” updates.
If successful, the attacks — which began “as early as January 4” — will result in the use of NightSky ransomware.
Find out about the latest ransomware news and attacks
NightSky uses the popular “double blackmail” model and was identified by threat researchers from MalwareHunterTeam on January 1st.
Microsoft said the…