Yahoo shellshocked, claims no data snatched in hack

At least two of Yahoo's servers are said to have been infiltrated by the Shellshock vulnerability, but the Internet megacorp says there's no evidence any user data was compromised.

Shellshock is a collection of bugs created to integrate into Unix shell Bash, which has led to the backdoor server vulnerability also being called Bashdoor. The vulnerability connected the infected servers to a botnet that's currently managed by two Romanian hackers.

Jonathan Hall, president and senior engineer of Future South Technologies, was monitoring the botnet's activities when he detected Shellshock vulnerabilities being run on high-profile servers, which included yahoo.com.

"This breach is very serious, and jeopardizes every consumer that uses Yahoo! in any manner, from shopping to email, and even game playing," says Hall. "This is a publicly traded company, and they've got so much reach. I'm sure many of you have Yahoo! email accounts... How many people out there have any form of personal information tied to those accounts? Bank accounts? PayPal? Credit cards?"

Hall said he initially received no response when he pointed out the intrusions to Yahoo, but a spokeswoman from the Internet corporation recently spoke out to reassure Yahoo users the matter was being addressed.

"As soon as we became aware of the issue, we began patching our systems and have been closely monitoring our network," said Elisa Shyu, a Yahoo spokeswoman. "We isolated a handful of our impacted servers and at this time we have no evidence of a compromise to user data."

Hall says he also contacted the FBI about the latest Shellshock breach. The bureau seemed intrigued, but it didn't appear to be acting with the proper sense of urgency, stated Hall.

"People are very seriously underestimating the Shellshock vulnerability," says Hall. "While its severity has been expressed, everyone is taking the standpoint of 'yeah, but that's only if x is y and z is w. That's the most foolish way to go about the issue. I have successfully exploited this vulnerability remotely during testing via MANY vectors."

While Yahoo and federal investigators continue to probe Shellshock's latest strike, another botnet was recently discovered infecting Mac OS X systems.

Mac.BackDoor.iWorm infected at least 17,000 Mac computers before security firms began rolling out software upgrades to combat the malware. The worm used Reddit's search tools to connect to botnets, which would give the malware instructions on what to do with the infected computers.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics