Yahoo has said that a hack that successfully infiltrated its servers was not related to the much-publicised Shellshock flaw. The company also said it has managed to fix the problem and eject the hackers.
Yahoo's chief information security officer, Alex Stamos, revealed that attackers had been attempting to use the Shellshock bug to infect Yahoo's systems, but had found another way into a few of its servers relating to Yahoo’s sports services.
"Three of our Sports API servers had malicious code executed on them this weekend by attackers looking for vulnerable Shellshock servers. These attackers had mutated their exploit, likely with the goal of bypassing IDS/IDP [intrusion detection/prevention systems] or WAF [web application firewall] filters," he wrote.
"This mutation happened to exactly fit a command injection bug in a monitoring script our Sports team was using at that moment to parse and debug their web logs."
Stamos said Yahoo’s security team had since isolated the servers in question and found no evidence that any other machines or user data were infected.
“This flaw was specific to a small number of machines and has been fixed, and we have added this pattern to our CI/CD code scanners to catch future issues,” he explained.
Stamos admitted that the incident had caused some confusion for the security team as they had already applied two patches to counter the Shellshock vulnerability.
“Once we ensured that the impacted servers were isolated from the network, we conducted a comprehensive trace of the attack code through our entire stack which revealed the root cause: not Shellshock,” he added.
The incident underlines how attackers move to exploit vulnerabilities and are nimble enough to re-engineer their attacks to breach systems.
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally