Several Java applications have been targeted by a new variant of the FritzFrog botnet, which has gained the ability to exploit the Log4Shell vulnerability, as part of the Frog4Shell attack campaign, reports The Record, a news site by cybersecurity firm Recorded Future.
While FritzFrog initially leveraged brute-force attacks to facilitate server compromise and cryptominer distribution, the malware has been updated to read numerous system files on compromised hosts for expanded attacks, according to an Akamai report, which noted that more than 1,500 organizations have been impacted by over 20,000 intrusions with the botnet malware. Operators of FritzFrog have also enhanced the malware with additional tools for bypassing cybersecurity defenses and novel privilege escalation features.
"We believe that this trend will continue in upcoming FritzFrog versions, and it's likely only a matter of time before additional exploits are added to the malware," said researchers.
Malicious updates have recently been issued to the Python Package Index package "django-log-tracker," which was last modified in April 2022, to facilitate the distribution of the Nova Sentinel information-stealing malware, The Hacker News reports.