"Log4j: Mirai Botnet Found Targeting Zyxel Networking Devices"

Larry Cashdollar, a security researcher at Akamai Technologies, discovered an attempt to use the Log4j vulnerabilities in Zyxel networking devices to infect and help in the spread of malware used by the Mirai botnet. Zyxel is suspected of having been specifically targeted because it announced that the Log4j vulnerability impacted it. The first sample examined by Cashdollar had functions for scanning other vulnerable devices. The second sample contained the standard Mirai attack, based on attack function names and their instructions. According to a security advisory released by Zyxel, the vulnerability only affects the NetAtlas Element Management System line of products. Zyxel released a hotfix on December 20, 2021, and stated that a patch would be made available by the end of February 2022. This article continues to discuss the targeting of the Log4j vulnerabilities in Zyxel networking devices by the Mirai botnet and the increased abuse of flaws in systems and network management software tools to launch attacks. 

ZDNet reports "Log4j: Mirai Botnet Found Targeting Zyxel Networking Devices"