Top 5 This Week

Related Posts

Shellshock bug: Thousands of servers compromised

According to experts, millions of servers use software vulnerable to Shellshock bug, which lets attackers run commands on that system.

Up to now, a series of attacks on websites and servers using the serious Shellshock bug has been spotted

So far, thousands of servers have been compromised via Shellshock and some have been used to bombard web firms with data, said experts.

The number of attacks and compromises was likely to grow as the code used to exploit the bug was shared.

The Shellshock bug was discovered in a tool known as Bash that is widely used by the Unix operating system and many of its variants, including Linux open source software and Apple’s OSX.

Apple said it was working on a fix for its operating system and added that most users would not be at risk from Shellshock.

Millions of servers use software vulnerable to Shellshock bug, which lets attackers run commands on that system
Millions of servers use software vulnerable to Shellshock bug, which lets attackers run commands on that system

Attackers have been spotted creating networks of compromised machines, known as botnets, that were then put to other uses.

One group used their Shellshock botnet to bombard machines run by Akamai with huge amounts of junk data to try to knock them offline. Another group used its botnet to scan for more machines that are vulnerable.

Evidence of the scanning and attacks came from honeypots run by security companies. These are computers that have been set up to look vulnerable but which catch information about attackers.

The US and Canada are believed to have issued alerts and told technology staff to patch systems as quickly as possible. Amazon, Google, Akamai and many other tech firms have also issued advisories to customers about the bug.

As well as software patches for vulnerable systems, security firms and researchers are also producing signatures and filter lists to help spot attacks based around it.

[youtube MkEBexRxE_g 650]

Nancy Clayson
Nancy Claysonhttp://www.bellenews.com
Nancy is a young, full of life lady who joined the team shortly after the BelleNews site started to run. She is focused on bringing up to light all the latest news from the technology industry. In her opinion the hi-tech expresses the humanity intellectual level. Nancy is an active person; she enjoys sports and delights herself in doing gardening in her spare time, as well as reading, always searching for new topics for her articles.

Popular Articles