Sat, Sep 27, 2014 - Page 1

Hackers exploiting ‘Shellshock’ bug to launch attacks

‘BASH’: Experts say the newest Internet threat to emerge since Heartbleed might not affect as many machines, but it could wreak more havoc

Reuters, BOSTON

Hackers have begun exploiting the newly identified “Shellshock” computer bug, using fast-moving worm viruses to scan for vulnerable systems and then infect them, researchers warned on Thursday.

“Shellshock” is the first major Internet threat to emerge since the discovery in April of “Heartbleed,” which affected encryption software used in about two-thirds of all Web servers, along with hundreds of tech products.

The latest bug has been compared to “Heartbleed” partly because the software at the root of the “Shellshock” bug, known as Bash, is also widely used in Web servers and other types of computer equipment.

Security experts say Shellshock is unlikely to affect as many systems as Heartbleed because not all computers running Bash can be exploited. Still, they said the new bug has the potential to wreak more havoc because it enables hackers to gain complete control of an infected machine, which lets them destroy data, shut down networks or launch attacks on Web sites.

The Heartbleed bug only allowed hackers to steal data.

The industry is rushing to determine which systems can be remotely compromised by hackers, but there are currently no estimates on the number of vulnerable systems. Inc and Google Inc have released bulletins to advise Web services clients how to protect themselves from the new cyberthreat. A Google spokesman said the company is releasing software patches to fix the bug.

“We don’t actually know how widespread this is. This is probably one of the most difficult-to-measure bugs that has come along in years,” said Dan Kaminsky, a well-known expert on Internet threats.

For an attack to be successful, a targeted system must be accessible via the Internet and also running a second vulnerable set of code besides Bash, experts said.

Joe Hancock, a cybersecurity expert with insurer AEGIS in London, said in a statement that he is concerned about the potential for attacks on home broadband routers and controllers used to manage critical infrastructure facilities.

H.D. Moore, chief research officer with security software maker Rapid7, said it could take weeks or even months to determine what impact the bug would have.

“At this point we don’t know what we don’t know, but we do expect to see additional exploit vectors surface as vendors and researchers start the assessment process for their products and services,” Moore said in an e-mail. “We are likely to see compromises as a result of this issue for years to come.”

Russian security software maker Kaspersky Lab reported that a computer worm has begun infecting computers by exploiting Shellshock.

The malicious software can take control of an infected machine, launch denial-of-service attacks to disrupt Web sites and scan for other vulnerable devices, including routers, Kaspersky researcher David Jacoby said.

He said he did not know who was behind the attacks and could not name any victims.
