Shellshock Virus, Bigger and Worse than Heartbleed

As server admins and private users worldwide were just breathing out in relief after patching their systems against Heartbleed, a new cyber threat is announced. This time, it is a security flaw that had been lying dormant for nearly 25 years and which no one ever thought of patching. Right now, it can be exploited and expose millions of systems to sensitive data loss.

“This bug is horrible,” wrote Darien Kindlund, director of threat research at the IT security company FireEye on the official company blog. Conservatively, the impact is anywhere from 20% to 50% of global servers supporting web pages.”

What is Bash and what does the Bash Bug do?

Bash is short of Bourne Again Shell, a command line shell used for launching an application by typing a text command. For example, you can use it by launching the Terminal in Mac OS X.
Bash was released in 1989, so the newly discovered vulnerability might have been exploited at any time during the last 25 years. It was discovered and reported on September 24, 2014 by a Unix/Linux researcher names Stephane Chazelas. It gained notoriety under the name Shellshock, penned by security researcher Robert Graham.

So, what can the Shellshock virus do to your computer? First, let’s understand how it operates. This Bash bug relates to the way environmental variables are processed – these variables being the ones that allow users to change the behavior of a software.
Therefore, an attacker could infiltrate into a vulnerable system, program some specific variables and thus gain control over the system by executing shell commands. Basically, a hacker runs your system, has access to all your data, can copy, delete them, change all your passwords and make you unable to control your computer or server.
And this means disaster for any ISP, or server hosting websites and sensitive customer data.

Which systems are affected?

Servers, home computers, business computer networks, and embedded devices – all these systems are vulnerable to Shellshock virus.
Linux and Mac OS X operating systems running on PCs are at risk, but IT security specialists believe that the most targeted systems will be web servers running the Apache web server software. This is a very bad news, if it turns out to be true, because up to 60% of the web servers in the world run on this OS.

How to check if your system is affected by Shellshock virus?

It is quite easy to check if your system si vulnerable. Call up a Terminal on your desktop, and type in this line of code at the $ prompt:
env x='() { :;}; echo vulnerable’ bash -c ‘echo hello’

If your system is vulnerable, the response shall be:

If you are protected from Shellshock, you will read this instead:
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for ‘x’

Is there a patch for Shellshock?

The answer is both yes and no.
Apple is working to patch the problem, but the latest version of its software (Mac OS X 10.9.5) is vulnerable as it included Bash 3.2. However, Apple stated that using the default settings of the OS will keep the system safe from Shellshock.
Linux users have a few patches available to install, but recent tests have shown that these patches do not keep the system 100% safe, so it is still vulnerable.

As of present, there are no known cyber attacks using the Bash vulnerability, however the US Department of Homeland Defense gave it the maximum rating of 10 on the scale of internet safety threats.

Did you enjoy this article? To receive updates about our most recent posts, don’t forget to Subscribe to our newsletter. Wait, there’s more! We offer exclusive deals and insights for our social media friends, so join us on Facebook and Twitter.

You might also like reading

Ionut B
Digital Art Director with an innovative creative thinking able to translate ideas and concepts into useful and memorable interactive marketing campaigns.

Do you like our Blog? Please spread the word :)