Hackers Are Already Using the Shellshock Bug to Launch Botnet Attacks

posted Sep 28, 2014, 6:19 PM by Unknown user   [ updated Oct 15, 2014, 12:06 AM ]

With a bug as dangerous as the “shellshock” security vulnerability discovered yesterday, it takes less than 24 hours to go from proof-of-concept to pandemic.

As of Thursday, multiple attacks were already taking advantage of that vulnerability, a long-standing but undiscovered bug in the Linux and Mac tool Bash that makes it possible for hackers to trick Web servers into running any commands that follow a carefully crafted series of characters in an HTTP request.