Shellshock

Posted: October 3, 2014

Shellshock Description

Shellshock is a Bash vulnerability that allows third parties to execute potentially threatening code through the command-line prompt. Because Bash is specific to Unix-based systems, Windows machines are not at risk of Shellshock attacks, but the estimates of attacks for Mac OS X and Linux systems already have exceeded ten thousand individual infections. Shellshock is a straightforward exploit that may let third parties have an unsafe level of access to your computer. Accordingly, vulnerable PC users are recommended to install relevant security patches and use updated anti-malware solutions for removing any software installed via Shellshock.

Shellshock: a Not-So-Shocking Twist from Old Trojans

Shellshock is a vulnerability that only has been widely documented this year, although its undisclosed lifespan most likely is longer than that – to the point where some coding specialists considered Shellshock an 'undocumented feature.' However, because Shellshock is easily-exploited with almost no coding knowledge, and grants hackers the ability to execute arbitrary code on the target PC, Shellshock quickly became known as a security flaw. Apple and other companies within the industry have issued patches that supposedly close the Shellshock vulnerability, although there continues to be heavy disputes about how complete the patches are, particularly for the Linux and OS X OSes.

Over seventeen thousand Shellshock attacks, the majority originating from North American or Chinese IP addresses, have been recorded in the past two weeks. However, most of these attacks use previously-identified backdoor Trojans and Trojan botnet-based infrastructures, with minor modifications to support the exploitation of the Shellshock bug. A slim majority of these attacks also are estimated to use the cURL command-line tool, which simplifies data transferral and allows third parties to get away with even less necessary coding expertise.

Denial-of-Service attacks, which flood servers with fake traffic from infected PCs, and standard information-collecting spyware attacks appear to be the dominant threat campaigns focused on spreading via Shellshock. However, other modes of distribution also remain open to abuse.

Powering Through the Shock of Shellshock

Site administrator machines are especially at risk of being affected by Shellshock attacks, and, as usual, should take the proper precautions to protect both their websites and their machines with updated security patches. Although DDoS Trojans may cause system slowdowns and other, semi-noticeable symptoms, not all of the Trojans associated with Shellshock attacks are prone to divulging their presence easily. Anti-malware scans by reliable software should continue to be able to identify Trojans modified to support Shellshock or use Shellshock in their personal distribution.

As with any vulnerability linked to possible spyware, it also is crucial to protect sensitive information that could transfer to third parties possession in the aftermath of a successful Shellshock attack. Monitor the use of local networks and accounts, and, if necessary, change any possibly-stolen passwords or security questions. However, for the moment, malware experts can emphasize that the most important thing you can do to protect yourself from Shellshock is to install all security updates offered for that purpose.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Shellshock may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.