Shellshock strikesPosted by admin on Sep 26, 2014 in Security Blog • No comments
Attacks on websites and servers using the new Shellshock bug has been spotted by security analysts. Sservers worldwide use software vulnerable to the bug, which lets attackers execute commands on that system. Thousands of servers have been compromised via Shellshock and some have been used to bombard web firms with data. The number of attacks and compromises was likely to grow as the code used to exploit the bug was shared. The Shellshock bug was discovered in a tool known as Bash that is widely used by the Unix operating system and many of its variants, including Linux open source software and Apple’s OSX.
Hackers have been spotted creating botnets through the serious flaw and using them to launch ditributed denial of service attacks.
The seriousness of the bug has also led governments to act quickly. The UK government said its cybersecurity response team had issued an alertto its agencies and departments giving Shellshock the “highest possible threat ratings”.