Blog Security Research Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal Ori David is a Security Researcher at Akamai. His research is focused on offensive security, malware analysis, and threat hunting.  Editorial and additional commentary by Tricia Howard Executive summary \r\n The Akamai Security Intelligence Group (SIG) has uncovered details about a new variant of the FritzFrog botnet, which abuses the 2021 Log4Shell vulnerability. \r\n \r\n Over the years we have seen more than 20,000 FritzFrog attacks, and 1,500+ victims. \r\n \r\n The malware infects internet-facing servers by brute forcing weak SSH credentials. Newer variants now read several system files on compromised hosts to detect potential targets for this attack that have a high likelihood of being vulnerable. \r\n \r\n The vulnerability is exploited in a brute-force manner that attempts to target as many vulnerable Java applications as possible.…