Log4Shell Unleashed: How a Single Log4j Flaw Threatens Every Server

The Log4Shell (CVE‑2021‑44228) zero‑day in the widely used Log4j library lets attackers execute remote code without authentication, prompting massive internet‑wide scans, crypto‑mining malware, and threats to critical infrastructure, while open‑source maintainers struggle with limited support despite adoption by giants like Apple and Microsoft.

21CTO

According to foreign security media reports, hackers are exploiting a severe vulnerability in the Java logging library Log4j, known as Log4Shell (CVE‑2021‑44228), to attack valuable servers at a rate of thousands of attempts per minute.

The flaw, first disclosed on December 9, allows unauthenticated remote code execution and remote server access. Almost every industry is affected, and its impact is comparable to the 2017 EternalBlue vulnerability.

openEuler announced that the community has patched the high‑severity Log4j vulnerability and released a security advisory; users can apply the patches in openEuler 20.03 LTS SP1/SP2.

Log4j is embedded in many enterprise and open‑source products, including cloud platforms, web applications, and email services, meaning a large amount of operational software faces serious risk.

Attackers are scanning the entire Internet for vulnerable hosts that can be taken over (“meat machines”), with some sites seeing over 1,000 recursive scans per minute and hundreds of thousands of code‑execution attempts.

Exploitation attempts include installing cryptocurrency‑mining malware, and several botnets such as Mirai, Tsunami, and Kinsing are also trying to leverage the flaw.

Microsoft researchers warned that attackers use the vulnerability to deploy Cobalt Strike, stealing usernames and passwords.

While some cyber‑criminals aim for low‑level crypto‑mining, more sophisticated attackers are likely to target high‑value targets such as banks and critical national‑security infrastructure.

Evidence shows that exploitation began before the public disclosure, highlighting how a widely used but poorly maintained open‑source project can become a massive security risk.

The Log4j maintainer works full‑time on other software and can only maintain the project in spare time; only three sponsors currently support Log4j.

Major companies like Apple and Microsoft use Log4j, prompting arguments that enterprises benefiting from open‑source projects have a moral responsibility to sponsor and support their maintainers.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.

Written by

21CTO
