Yahoo’s servers hacked Using ShellShok Vulnerability

Yahoo’s servers hacked Using ShellShok Vulnerability , ShellShok Vulnerability, hacking ShellShok Vulnerability,  hacking via ShellShok Vulnerability, exploiting ShellShok Vulnerability , Yahoo server hacked
After HeartBleed another biggest security flaws "Shellshock" was made public a week ago and this vulnerability was said to be worse then HeartBleed. Shellshock is a critical remotely exploitable vulnerability has been discovered in the widely used Linux and Unix command-line shell, known as Bash or GNU Bourne Again Shell.

This Vulnerability puts more 80 percent of the websites, servers and Linux systems under the threats. And with so much of vulnerable system this was the golden opportunity for the hackers to get there victim.

On same, Romanian hackers have hacked into Yahoo server with the shellshock vulnerability. eport posted on the security researcher Jonathan Hall site, which noted that
According to the hackers have hacked and gain access to the Yahoo Game server. Jonathan had also published a corresponding email purportedly from Yahoo’s in-house security team confirming the breach.

Reports says that, hackers have exploited the Shellshock vulnerability resides on the Unix-based operating system that can allow attackers to take total control over the system, it has even allowed them to install various programs and run commands.

Jonathan wrote that he had reported the issue to Yahoo several times and also reported to FBI but later on he have made a post on his website to take attention of yahoo's team. On the post he wrote-
This is a very serious issue and a very serious manner that needs to be addressed immediately. I've also emailed Marissa Mayer and contacted her via twitter, both of which yielded zero results and no response. There are no publicly available contact methods for Yahoo! that have yielded any luck with trying to contact them regarding this. I also have not heard anything back on the WinZip domain, either. This is a gross negligence and complete lack of care or concern for the safety of the consumers in terms of financial information.
Later on a representative of Yahoo’s security team have replied Hall in a mail and confirmed about the breached. Yahoo team is internally investigating the matters to check the series of damage and further damage to Yahoo ad its users.

While this is the first attacks that have came forward but this won't be last. As like Heartbleed there are still tonnes of system that are vulnerable and Shellshok, just came so we can imagine how dangerous it would be.

As major Linux distribution vendors have patch the vulnerability and released a new bash software versions, so we recommends ours readers and to all server and web admin to patch the vulnerability immediately. Website owner are also advised to contact their server admin or hosting provider to path the issue. 


Post a comment (0)
Previous Post Next Post