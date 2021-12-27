The vulnerability found this month, which affected Apache Log4j, It has been used by a multitude of cybercriminals to attack a large number of services provided by some of the large companies such as Amazon, IBM, or Microsoft, among others.

HP is another of the companies that has suffered the consequences of this vulnerability after learning that a group of hackers took control of one of its data centers, using it to mine cryptocurrencies worth more than $ 100,000.

Using the power of HP servers to mine ‘RTM’

Although the company has not yet recognized this attack, it is easy to know that they have broken into their systems because Between December 9 and 17, HP was one of the largest contributors to the Raptoreum cryptocurrency. And it is that according to Techspot, at its maximum peak its rate of mining was higher than any combined system.

Through the registry of the Raptoreum Blockchain, it could be seen that the cybercriminals sold half of this fortune in CoinEX, keeping the rest. However, during these days, the value of this cryptocurrency has dropped considerably.

Hackers used the Java Log4j exploit to remotely execute code and take control of HP’s servers. After knowing this vulnerability, which is one of the most dangerous in recent years, one of the most common practices has been to take advantage of it to mine cryptocurrencies, this being one of the many cases that have arisen this month.

The HP server that the cybercriminals had access to contained 9,000 AMD EPYC processors. When used to mine cryptocurrencies, the total ratio of Raptoreum went from 200 MH / s to 400 MH / s, with a single address in charge of contributing some 100-200 MH / s.

‘Log4j’, one of the most dangerous vulnerabilities in recent years

The vulnerability, known as ‘CVE-2021-44228’ or ‘Log4Shell’, was discovered by Chen Zhaojun (Alibaba software engineer), and affects Apache Log4j, an open source library developed by the Apache Foundation that makes it easier for Java ecosystem applications to keep track of activities performed at runtime.

In CVSS it has been assigned a 10/10, being the most serious of this standard of measurement. It has been a headache for many companies. In just over 24 hours a patch was released, and the vast majority of affected systems are no longer at risk.