Casa > cibernético Notícias > Shellshock Vulnerable Devices Still Targeted. 630 000 Ataques em apenas duas semanas

Shellshock Devices vulneráveis ​​Ainda Targeted. 630 000 Ataques em apenas duas semanas

shellshock-630 000-ataques-em-um-semana
Quase dois meses após seu anúncio, a Trauma pós guerra flaw in Bash has become immensely popular. Sobre 630 000 incidentes foram detectados a partir de mais do que 15 000 endereços IP em todo o mundo em apenas duas semanas do período. This marks a distinct increase in the attacks compared to the early stage of the disclosure.

The Frequency of the Attacks

Incapsula’s statistics show that at the very beginning 1,970 attacks per hour were detected. A month later the rate isn’t getting much lower – over 1,870 have been carried out. What’s different is the amount of IP addresses that deploy them – they have increased by 1,600%. This only comes to show that the hackers are constantly scanning the Web in order to find more and more vulnerable systems which they can deploy in their malicious campaigns.

It would be logical to presume that most of the vulnerable computers have already been patched, mas, infelizmente, not all systems are regularly taken care of. What’s quite disturbing is the fact that the first patch for Shellshock did not fully mitigate the flaw, which left a large number of machines at a risk.

Hackers Can Exploit Any System

Shellshock is still a very dangerous flaw that can damage unprotected devices, and expose other machines to risk as a part of DDoS botnet attacks. It doesn’t matter if the computer is old or new; as soon as it is connected to the Internet it can be exploited by cybercrooks. The attacks in which the Shellshock bug is leveraged can have many goals; in many cases it is used to add a machine to a botnet, which can then launch a DDoS attack or spread various malware. Mostly targeted are servers, because fewer resources are needed for the attack, and malware is delivered to its customers.

NAS devices are also targeted because of the files stored on them. The Shellshock vulnerability could be exploited in order to inject ransomware in the compromised device, and the hackers could demand a certain fee in exchange for the decryption key.


Berta Bilbao

Berta é um pesquisador de malware dedicado, sonhando para um espaço cibernético mais seguro. Seu fascínio com a segurança de TI começou há alguns anos atrás, quando um malware bloqueado la fora de seu próprio computador.

mais Posts

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar