Shellshock has claimed another victim as Yahoo recently revealed that three of its servers were compromised over the weekend by hackers that managed to exploit the vulnerability.
In a statement issued to Bloomberg via e-mail, Yahoo spokesperson Elisa Shyu said the company began patching its systems as soon as they became aware of the issue and have been closely monitoring their network. Yahoo isolated a handful of servers that were impacted and at this time, Shyu added, there is no evidence of a compromise to user data.
Security researcher Jonathan Hall was the first to report the breach, the details of which can be found in this lengthy post over at Future South Technologies. To summarize, Hall claims Romanian hackers trying to build a large botnet are responsible for the attack. In addition to Yahoo, he also found evidence of an attack on utility software developer WinZip.
The security flaw, first disclosed publically on September 24, poses an even bigger threat than the Heartbleed bug from earlier in the year as it allows a bad actor to potentially gain complete control over a target system.
Security firm Incapsula estimates that there were nearly a billion attempts to use the bug and its own web application firewall dealt with more than 217,000 exploit attempts in the week following the bug’s disclosure.
There are likely thousands of Shellshock victims at this point although Yahoo is by far the biggest (that we know about).