News

Criminals broke into Yahoo servers through abuse of Bash bug

By admin
Spread the love

Malicious persons are said to have recently managed to break into Yahoo’s servers using the recently discovered bug in Bash. They may have also gained access to Lycos and WinZip using the same method, a security researcher claims.

The researcher, Jonathan Hall, discovered that alleged Romanian attackers had gained access to at least two Yahoo servers. To do this, they made use of a recently discovered vulnerability in the Bash shell, which makes it possible to execute malicious code. Presumably, the attackers used the bug to create a botnet of Unix hosts.

Hall found out about the attack after a script searched one of his servers for the presence of the Bash bug. He used a self-written exploit to then use Google to see which servers appeared to be vulnerable to the bug. Hall thus discovered that Lycos and the site of the popular archiving program WinZip were also affected. In the latter, he found a rogue Perl script in the cgi-bin-dir on one of the servers, which he identified as ha.pl.

Hall alerted the FBI and affected companies over the weekend. In the meantime, WinZip has patched the servers, the researcher said. In addition, Yahoo would also be closing the vulnerability. An employee informs Hall, who put a screenshot of the email contact online as proof.

The vulnerability in Bash, also known as Shellshock, came to light in the past month. It allowed attackers to put their own code in an environment variable, which would then be executed as soon as a system initiates a Bash session. Many applications rely on shell scripts and some of them can be accessed via the internet, for example cgi scripts.

Software developers squashed the bug in the Bash shell, which mostly affected Linux users, a few days later. That happened with two patches, after it turned out that the first was incomplete. Apple, which ships the Bash shell with OS X, is also coming with a patch. OS X users were not vulnerable by default, but only if they had configured “advanced” Unix services themselves, according to Apple.

You might also like
News

Apple has been working on its own search engine for years. It’s called…

News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

Exit mobile version