The Shellshock bug that might be worse than Heartbleed. The Heartbleed ‘virus’, an encryption weakness that exposed a vulnerability in websites spread panic throughout the internet earlier this year, has now got a new, more potent cousin. Now, experts are warning a new threat to online users, this time it goes by the name Shellshock, or Bash. Standing for Bourne Again Shell, it is essentially a way for programmers to control software by typing in text, something that is usually just for programmers and wouldn’t appear anywhere else. The Shellshock could essentially be used for hackers to control peoples computers remotely. This of course would be bad news for any internet user with their machine at the mercy of these attacks.
It is this line of attack that is causing the most concern. Hackers could use the exploit on web servers and subsequently any websites hosted, which mean the spread could be far reaching. What this essentially means for casual users of the internet is these attacks can affect you if you happen to use a website that is being hosted by a web server that contains this exploit. hackers could not only control your computer but also access sensitive information you may input into websites. It is worth mentioning that Mac OSX and Linux users are vulnerable as well.
As it is only the early stages of this type of attack, there have not been any cases of attacks due to Bash/Shellshock. The only thing you can really do at this moment is to make sure all your systems are patched up to date, including your web browsers. Further information can be found on SecLists website, which contains advice and precautions. The Shellshock bug that might be worse than Heartbleed will hopefully be stamped out before users are put at risk.