Targeting of VMWare Horizon servers with Log4Shell vulnerability
Date of report
  • February 2022
The Iranian threat actor APT 35 leveraged the Log4Shell vulnerability to run malicious PowerShell commands, deploy backdoors, steal credentials, and move laterally through systems.  
Suspected victims
  • VMware Horizon servers
Suspected state sponsor
  • Iran (Islamic Republic of)
Type of incident
  • Espionage
Target category
  • Private sector
Victim government reaction
  • Unknown