- Apr 25, 2013
- 5,355
In a blog post made by Jonathan Hall, he has stated that group of hackers have successfully managed to leverage the recently discovered #BashBug Shellshock vulnerability to compromise a large number of servers belonging to Yahoo, Lycos and Winzip. The as of yet unknown hackers then used those hacked servers to probe for other potential victims.
Jonathan Hall
The blog report was filed by Jonathan Hall who was once a self-confessed black hat hacker. Now he has turned into a full time dedicated white hat researcher cum, engineer cum consultant. He stated that ever since the revelation of the existence of the Shellshock bug, he has been researching the possibilities of its exploitation but gave up after a while and started concentrating on hackers who might be using the vulnerability to exploit it in the wild.
“I noticed in my logs that a box was probing me in search of common scripts in my cgi-bin directory that people around the web have discussed are ‘vulnerable to the shellshock vulnerability’,” he noted. “The box that was probing me was actually a server on the winzip.com domain.”
Full Article
Jonathan Hall
The blog report was filed by Jonathan Hall who was once a self-confessed black hat hacker. Now he has turned into a full time dedicated white hat researcher cum, engineer cum consultant. He stated that ever since the revelation of the existence of the Shellshock bug, he has been researching the possibilities of its exploitation but gave up after a while and started concentrating on hackers who might be using the vulnerability to exploit it in the wild.
“I noticed in my logs that a box was probing me in search of common scripts in my cgi-bin directory that people around the web have discussed are ‘vulnerable to the shellshock vulnerability’,” he noted. “The box that was probing me was actually a server on the winzip.com domain.”
Full Article