Security researchers worried that the Shellshock vulnerability might give cybercriminals bad ideas may be rightly concerned. Recent research suggests a variant called Bashlite is targeting BusyBox, a collection of Unix utilities.

Trend Micro was the first to reveal details about the issue, also known as ELF_BASHLITE.SMB. Researchers said attackers are using the vulnerability to control devices such as routers that deploy BusyBox by using unauthorized login credentials. Cybercriminals can use a series of downloaded scripts to take over computer equipment after they establish a connection.

Shellshock was first discovered in September and described as a bug in Bash, a popular piece of open-source software. In some cases, a simple line of code is all attackers need to break into computers and steal information. As expected, cybercriminals have been quick to seize this advantage. Besides Bashlite, an article on Dark Reading pointed out that Shellshock has also been used to hack into systems using the BrowserStack software for testing websites across Firefox, Internet Explorer and other portals.

However, Bashlite may be among the worst Shellshock exploits yet. Cybercriminals can use it to launch distributed denial-of-service attacks, according to CIO.com, which could render websites useless. In some cases, this could cost organizations as much or more than having certain information stolen from databases.

Like Heartbleed and other high-risk security holes that have emerged this year, Bashlite’s focus on BusyBox may cause increasing concerns about the safety of certain areas of open-source software. BusyBox runs not only on Linux, but also Android and FreeBSD, among other environments, offering a single executable file for resource-hungry embedded operating systems. That means that not only back-end equipment but even certain smartphones might become targets if the malware spreads.

Help Net Security suggested organizations could thwart Bashlite attacks by prohibiting remote access of devices using BusyBox, changing login credentials (avoiding such mainstays as “support,” “root” or “admin”) or simply applying any available Shellshock patches. Many companies have already put a fix in place, The Hacker News added, but there are still estimates that more than 1 billion attacks may eventually be traced back to Shellshock.

More from

Bridging the 3.4 Million Workforce Gap in Cybersecurity

As new cybersecurity threats continue to loom, the industry is running short of workers to face them. The 2022 (ISC)2 Cybersecurity Workforce Study identified a 3.4 million worldwide cybersecurity worker gap; the total existing workforce is estimated at 4.7 million. Yet despite adding workers this past year, that gap continued to widen.Nearly 12,000 participants in that study felt that additional staff would have a hugely positive impact on their ability to perform their duties. More hires would boost proper risk…

The Evolution of Antivirus Software to Face Modern Threats

Over the years, endpoint security has evolved from primitive antivirus software to more sophisticated next-generation platforms employing advanced technology and better endpoint detection and response.  Because of the increased threat that modern cyberattacks pose, experts are exploring more elegant ways of keeping data safe from threats.Signature-Based Antivirus SoftwareSignature-based detection is the use of footprints to identify malware. All programs, applications, software and files have a digital footprint. Buried within their code, these digital footprints or signatures are unique to the respective…

How Do Threat Hunters Keep Organizations Safe?

Neil Wyler started his job amid an ongoing cyberattack. As a threat hunter, he helped his client discover that millions of records had been stolen over four months. Even though his client used sophisticated tools, its threat-hunting technology did not detect the attack because the transactions looked normal. But with Wyler’s expertise, he was able to realize that data was leaving the environment as well as entering the system. His efforts saved the company from suffering even more damage and…

The White House on Quantum Encryption and IoT Labels

A recent White House Fact Sheet outlined the current and future U.S. cybersecurity priorities. While most of the topics covered were in line with expectations, others drew more attention. The emphasis on critical infrastructure protection is clearly a top national priority. However, the plan is to create a labeling system for IoT devices, identifying the ones with the highest cybersecurity standards. Few expected that news. The topic of quantum-resistant encryption reveals that such concerns may become a reality sooner than…