Log4Shell is the widely used name for the Log4j vulnerability CVE-2021-44228. In the provided content it is referenced as a real, historical zero-day vulnerability in Log4j, later dubbed Log4Shell, and also as the “Log4J vulnerability (CVE-2021-44228).” The content does not provide high-confidence information about malware functionality, infection vectors, threat actor usage, targeted industries, affected systems beyond Log4j, or indicators of compromise. Based on the supplied material, this object refers to a vulnerability rather than malware.
1 CVE Mallory has correlated with this family across public research and vendor advisories. Each row links to the full Mallory page for that vulnerability.
2021: ...zero-day vulnerability (later dubbed Log4Shell) ... in ... Log4j.
3 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Named only as a historical vulnerability example in the jailbreak severity appendix, not as malware.
Common nickname for CVE-2021-44228 (Apache Log4j RCE) used here as a case study for EPSSv2 behavior and feature sensitivity, not as malware.
Remote code execution vulnerability in Apache Log4j referenced as widely exploited.