Hackers are exploiting the Shellshock bash vulnerability to infect enterprise Network Attached Storage systems (NAS) with malware. VMware has also issued updates for several of its products to protect against the Shellshock exploit.
FireEye researchers reported the campaign in a blog post warning that the targeted attacks have the potential to offer hackers full access to all data stored on the systems.
"These attacks result in the hackers having a root level remote shell, gaining full access to the contents of the NAS. The observed targets have been primarily located in Japan and Korea with one additional target observed in the US," read the post.
"NAS systems are used by enterprises to store large volumes of files and house databases, as well as by consumers for personal storage. This makes an NAS an attractive target for attackers given the broad types of data they handle. In this case, the attackers can gain full access to the NAS content as well as execute other commands."
The researchers warned that the attacks are doubly dangerous as the hackers install a backdoor on the infected devices, ensuring they have ongoing access to, and power over, the NAS systems.
"An interesting component of the attack is the script also attempts to copy an SSH key to the local authorized_keys file on the NAS device, this allows future password-less log-ins, creating a backdoor for the attacker to the NAS device," read the post.
Shellshock is a flaw in the Bash code used on Unix and Unix-like systems that was uncovered earlier in September. The widespread use of Bash led to concerns that the flaw could be exploited to infect everything from computers, to servers and SCADA systems.
Prior to FireEye's discovery researchers from Zscaler ThreatLabZ reported uncovering evidence that hackers are exploiting Shellshock to install malware on Nginx and Apache web servers.
The seriousness of the bug has led many technology firms to release emergency patch fixes. Most recently VMware reported it is developing a Bash patch for 38 of its virtual appliance products.
Finding refutes many earlier studies that suggest that galaxies don't have much dark matter at the time of their birth
Boris the robot outed as man in rented robot suit
Mission will provide vital data about the performance of rocket, spacecraft, autonomous docking system and the landing system
The flight will take off from California's Mojave Air and Space Port and could happen as soon as 13th December