Access Broker Group ‘Prophet Spider IAB’ targeting vulnerabilities in logging utility Log4j. Cybersecurity firm BlackBerry says it has tracked cryptomining software and Cobalt Strike deployments on Horizon. BlackBerry calls the threat actors in these cases “tidy” – citing the cleanup actions they took following miner installation. The online crime group Prophet Spider has been active since at least May 2017 and primarily gains access to victim organizations by compromising web servers, cybersecurity firm CrowdStrike reports. The group employs low-prevalence tools to achieve operational objectives.”]
Source: https://www.cuinfosecurity.com/report-access-broker-exploiting-vmware-log4j-vulnerability-a-18387