Yahoo has said that a hack that successfully infiltrated its servers was not related to the much-publicised Shellshock flaw. The company also said it has managed to fix the problem and eject the hackers.
Yahoo's chief information security officer, Alex Stamos, revealed that attackers had been attempting to use the Shellshock bug to infect Yahoo's systems, but had found another way into a few of its servers relating to Yahoo’s sports services.
"Three of our Sports API servers had malicious code executed on them this weekend by attackers looking for vulnerable Shellshock servers. These attackers had mutated their exploit, likely with the goal of bypassing IDS/IDP [intrusion detection/prevention systems] or WAF [web application firewall] filters," he wrote.
"This mutation happened to exactly fit a command injection bug in a monitoring script our Sports team was using at that moment to parse and debug their web logs."
Stamos said Yahoo’s security team had since isolated the servers in question and found no evidence that any other machines or user data were infected.
“This flaw was specific to a small number of machines and has been fixed, and we have added this pattern to our CI/CD code scanners to catch future issues,” he explained.
Stamos admitted that the incident had caused some confusion for the security team as they had already applied two patches to counter the Shellshock vulnerability.
“Once we ensured that the impacted servers were isolated from the network, we conducted a comprehensive trace of the attack code through our entire stack which revealed the root cause: not Shellshock,” he added.
The incident underlines how attackers move to exploit vulnerabilities and are nimble enough to re-engineer their attacks to breach systems.