Revision as of 18:36, 29 October 2022 edit Thegreatluigi (talk \| contribs) Extended confirmed users, Rollbackers 12,195 edits m Reverted edits by 207.70.159.173 (talk) to last version by Citation bot Tag: Rollback ← Previous edit		Revision as of 17:00, 23 November 2022 edit undo GreenC bot (talk \| contribs) Bots 3,054,792 edits Move 1 url. Wayback Medic 2.5 Next edit →
Line 34: ==Reports of attacks== Within an hour of the announcement of the Bash vulnerability, there were reports of machines being compromised by the bug. By 25 September 2014, [[botnet]]s based on computers compromised with exploits based on the bug were being used by attackers for [[Denial-of-service attack#Distributed attack\|distributed denial-of-service]] (DDoS) attacks and [[vulnerability scanner\|vulnerability scanning]].<ref name="Wired" /><ref name="IT-20140926-JS" /><ref name="bbconShellshock">{{cite web \|author=Various \|title=Web attacks build on Shellshock bug \|url=~~http~~https://mwww.bbc.com/news/technology-29375636 \|date=26 September 2014 \|work=[[BBC]] \|access-date=26 September 2014 }}</ref> [[Kaspersky Labs]] reported that machines compromised in an attack, dubbed "Thanks-Rob", were conducting DDoS attacks against three targets, which they did not identify.<ref name="Wired">{{cite magazine\|last1=Greenberg\|first1=Andy\|title=Hackers Are Already Using the Shellshock Bug to Launch Botnet Attacks\|url=https://www.wired.com/2014/09/hackers-already-using-shellshock-bug-create-botnets-ddos-attacks/\|magazine=Wired\|access-date=28 September 2014\|date=25 September 2014}}</ref> On 26 September 2014, a Shellshock-related botnet dubbed "wopbot" was reported, which was being used for a DDoS attack against [[Akamai Technologies]] and to scan the [[United States Department of Defense]].<ref name="IT-20140926-JS">{{cite news \|last=Saarinen \|first=Juha \|title=First Shellshock botnet attacks Akamai, US DoD networks \|url=http://www.itnews.com.au/News/396197,first-shellshock-botnet-attacks-akamai-us-dod-networks.aspx \|date=26 September 2014 \|work=iTnews \|access-date=26 September 2014 }}</ref> On 26 September, the security firm [[Incapsula]] noted 17,400 attacks on more than 1,800 web domains, originating from 400 unique IP addresses, in the previous 24 hours; 55% of the attacks were coming from China and the United States.<ref name="NYT-20140926-NP">{{cite news \|last=Perlroth \|first=Nicole \|title=Companies Rush to Fix Shellshock Software Bug as Hackers Launch Thousands of Attacks \|url=http://bits.blogs.nytimes.com/2014/09/26/companies-rush-to-fix-shellshock-software-bug-as-hackers-launch-thousands-of-attacks/ \|date=26 September 2014 \|work=[[New York Times]] \|access-date=29 September 2014 }}</ref> By 30 September, the website performance firm [[CloudFlare]] said it was tracking approximately 1.5 million attacks and probes per day related to the bug.<ref name="businessweek">{{cite web\|last1=Strohm\|first1=Chris\|last2=Robertson\|first2=Jordan\|title=Shellshock Draws Hacker Attacks, Sparks Race to Patch Bug\|url=http://www.businessweek.com/news/2014-09-30/shellshock-draws-hacker-attacks-sparks-race-to-patch-bug\|publisher=Businessweek\|access-date=1 October 2014\|date=30 September 2014 }}</ref>

Shellshock (software bug): Difference between revisions