Shellshock
Posted: October 3, 2014
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Ranking: | 14,825 |
---|---|
Threat Level: | 1/10 |
Infected PCs: | 1,490 |
First Seen: | October 3, 2014 |
---|---|
Last Seen: | September 6, 2023 |
OS(es) Affected: | Windows |
Shellshock is a Bash vulnerability that allows third parties to execute potentially threatening code through the command-line prompt. Because Bash is specific to Unix-based systems, Windows machines are not at risk of Shellshock attacks, but the estimates of attacks for Mac OS X and Linux systems already have exceeded ten thousand individual infections. Shellshock is a straightforward exploit that may let third parties have an unsafe level of access to your computer. Accordingly, vulnerable PC users are recommended to install relevant security patches and use updated anti-malware solutions for removing any software installed via Shellshock.
Shellshock: a Not-So-Shocking Twist from Old Trojans
Shellshock is a vulnerability that only has been widely documented this year, although its undisclosed lifespan most likely is longer than that – to the point where some coding specialists considered Shellshock an 'undocumented feature.' However, because Shellshock is easily-exploited with almost no coding knowledge, and grants hackers the ability to execute arbitrary code on the target PC, Shellshock quickly became known as a security flaw. Apple and other companies within the industry have issued patches that supposedly close the Shellshock vulnerability, although there continues to be heavy disputes about how complete the patches are, particularly for the Linux and OS X OSes.
Over seventeen thousand Shellshock attacks, the majority originating from North American or Chinese IP addresses, have been recorded in the past two weeks. However, most of these attacks use previously-identified backdoor Trojans and Trojan botnet-based infrastructures, with minor modifications to support the exploitation of the Shellshock bug. A slim majority of these attacks also are estimated to use the cURL command-line tool, which simplifies data transferral and allows third parties to get away with even less necessary coding expertise.
Denial-of-Service attacks, which flood servers with fake traffic from infected PCs, and standard information-collecting spyware attacks appear to be the dominant threat campaigns focused on spreading via Shellshock. However, other modes of distribution also remain open to abuse.
Powering Through the Shock of Shellshock
Site administrator machines are especially at risk of being affected by Shellshock attacks, and, as usual, should take the proper precautions to protect both their websites and their machines with updated security patches. Although DDoS Trojans may cause system slowdowns and other, semi-noticeable symptoms, not all of the Trojans associated with Shellshock attacks are prone to divulging their presence easily. Anti-malware scans by reliable software should continue to be able to identify Trojans modified to support Shellshock or use Shellshock in their personal distribution.
As with any vulnerability linked to possible spyware, it also is crucial to protect sensitive information that could transfer to third parties possession in the aftermath of a successful Shellshock attack. Monitor the use of local networks and accounts, and, if necessary, change any possibly-stolen passwords or security questions. However, for the moment, malware experts can emphasize that the most important thing you can do to protect yourself from Shellshock is to install all security updates offered for that purpose.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.