Saturday, September 27, 2014

Millions of computers at risk of Shellshock – BBC Russian

  • September 27, 2014

Share

 & # x43A; & # x43E; & # x43C; & # x43F; & # x44C; & # x44E; & # x442; & # x435; & # x440; & # x43D; & # x430; & # x44F; & # x43A; & # x43B; & # x430; & # x432; & # x438; & # x430; & # x442; & # x443; & # x440; & # x430;

Millions of Internet servers were under threat due to a system error Shellshock, which allows hackers to run on a compromised computer any team.

According to experts, today thousands of servers were vulnerable because of gaps Shellshock, and hundreds of others have been used for mass spamming.

The number of break-ins, are likely to grow, as a network distributed code, with which you can exploit this bug.

Shellshock was found in the shell Bash, which is widely used Unix operating system and developed on the basis of its options, including Linux and System OC X, which are products of Apple.

Bug Shellshock allows network attackers to connect to the victim’s computer and control them, creating computer networks or botnets.

Earlier, a group of hackers using Shellshock sent us a huge Akamai Technologies the amount of spam trying to bring it down. Other criminals use botnets to search for new vulnerabilities to infiltrate computers.

The data for this were obtained by computer security companies, to use technology so-called “honeypots” or arranged hidden “traps” to specifically undergo cracking.

Worse than Heartbleed

As told Jamie Blasco, an employee of AlienVault, providing computer security, their “traps” identified scanning commands and attacks using Shellshock. Scanning hackers informed that the server is vulnerable, which was followed by attempts to install a virus on it and thereby give hackers complete control over it.

Shellshock can affect an immeasurable number of computers and systems, but requires special conditions in order to successfully start their remote control

Jen Eliis, the company Security Rapid7

According to the expert on computer security Caspar Lindegaard from the company Secunia, because of the potential opportunities offered by Shrellshock hackers, it is more dangerous than found in April year bug Heartbleed.

“Heartbleed only allowed hackers to retrieve some information – said Lindegaard technology news site The Register. – This gives the opportunity to give commands and take control of servers and operating systems.”

Because of this potential threat to the team responsible for the cyber security of government websites in the UK, has issued a warning to all agencies and institutions, calling to Shellshock highest level of danger.

the United States and Canada also released a similar warning and called geek as soon as possible to release the appropriate “patch”.

According to the very first reports, to 500 million computers could fall under the new hit bug, but new data suggest that the number is much smaller, as so that hackers were able to use it, you need to coincide a number of conditions.

“Shellshock can affect an immeasurable number of computers and systems, but requires special conditions in order to successfully start their remote control,” – said Jane Ellis of security company Rapid7.

Experts believe that in the coming weeks and months, it becomes more clear how wide the scope of Shellshock and is a real threat.

LikeTweet

No comments:

Post a Comment