FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network

01-Feb-24

The FritzFrog botnet has reemerged with a new variant, utilizing the Log4Shell vulnerability to internally propagate within compromised networks. This Golang-based malware, active since January 2020, now specifically targets internal hosts, exploiting unpatched systems even if external applications are secured. The latest version also employs the PwnKit flaw (CVE-2021-4034) for local privilege escalation and utilizes tactics to evade detection, including avoiding file drops to disk whenever possible.

Read More…