So how does the vulnerability work? That’s simple: the vulnerability allows hackers to infect their own malicious code into bash. Once the hacker injects malicious code, they’re able to:
According to Jonathan Hall, Cyber Security Researcher, Yahoo is one of the first major companies to experience an attack via the vulnerability since the security bug’s disclosure on September 24th, 2014.
Do You Spend Time on Yahoo Games? Keep An Eye Out for Signs of Data Theft or Malware Infections – The Yahoo Games Servers Were Hacked!
On Hall’s website, he claims Romanian hackers have managed to use the Shellshock bug to infiltrate Yahoo servers! He says three servers have been breached, including Yahoo Games, one of the largest free online game collections available on the Internet.
So what does this mean for everyone who visits Yahoo Games on a daily basis? Well, if you’re playing games on the website, hackers could’ve easily installed malware on your computer, or worse, stolen your private information.
When Hall notified Yahoo, Elisa Shyu, a spokeswoman, responded, “As soon as we became aware of the issue, we began patching our systems and have been closely monitoring our network. We isolated a handful of our impacted servers, and at this time, we have no evidence of a compromise to user data.”
While Shyu’s comment is reassuring, it’s always better safe than sorry! We recommend following a few simple tips to mitigate the risks of an attack:
Feeling concerned about the attack? To learn more, give us a call or send us an email. We are happy to help you stay up to date on the latest security threats!