Monti ransomware infiltrates networks via the well-known Log4Shell

Threat Level – Red | Vulnerability Report

The Monti ransomware infiltrated the client’s internet-facing VMware Horizon virtualization system by exploiting the well-known “Log4Shell” vulnerability, a.k.a. CVE-2021-44228. Furthermore, the threat actor employed a commercial, cloud-based remote monitoring and maintenance (RMM) platform named Action1, which has never been used in a ransomware campaign before.
