Several security researchers have recently reported a powerful software bug that could potentially affect thousands of popular websites, services, hosted apps, and even game servers—thanks to an apparent flaw that could allow hackers to compromise or take control of servers that run them.
Just as reported by the developers of the popular Minecraft game, this flaw potentially affects servers that run Twitter, Apple’s iCloud, the Steam gaming platform, and a growing number of others that may be vulnerable.
One research group has dubbed the vulnerability as “Log4Shell,” and the name appears to be sticking. It involves a widely used software used to log information on servers. This software is open source, meaning it is freely available to developers. As a result, countless organizations and businesses use it on their servers.
While details are still evolving, researchers are acting with a proper degree of caution given the potential scope of the issue. Needless to say, the immediate level of concern remains high given the potential of the flaw to impact millions of servers, devices, and the people who use them.
What can an attacker do with this vulnerability?
At this early stage, a few things appear to be possible:
- A hacker could access the logs on impacted servers, gathering the information kept there. This could include any kind of information from chats, usernames, passwords, or other information, depending on what’s being logged by the website, app, or service in question.
- In some instances, the vulnerability reportedly allows hackers to execute code or functions that can compromise or even take over the targeted server. For example, there have been reports of compromised servers that were converted to illicitly mine for cryptocurrencies.
- Likewise, there is the potential for hackers to further use the impacted servers to distribute malware to the computers, smartphones, and other devices connected to them. As of this writing, we have yet to uncover any such attacks. However, determined hackers could attempt such an attack if they believe there’s some value or return in doing so.
What if I know someone who plays Minecraft or is running a Minecraft server?
The developers of Minecraft have provided several steps that detail what both players and server hosts should do to protect themselves. The developers clearly recognize the potential gravity of the situation and are taking a proactive approach in saying, “This vulnerability poses a potential risk of your computer being compromised, and while this exploit has been addressed with all versions of the game client patched, you still need to take [steps] to secure your game and your servers.” We’ve provided the link to those steps here:
Recommended steps for Minecraft players and server hosts.
How else you can protect yourself
Right now, as this situation evolves, the best step is to keep your eyes open. If the app, service, site, or game you’re on performs strangely, consider signing out and closing it down. Then, perform a security scan on your device to check for viruses, malware, or other threats. Follow the guidance from your online protection software if any results come up.
You may also consider limiting your app and service usage to the most important activities. If it’s not an urgent or important online task or activity, see about putting it off until more is known.
Likewise, stay tuned. The details around this vulnerability continue to unfold. As they do, you’ll find further guidance that can help keep you and your family protected from this or any follow-on threats associated with this issue.