Yahoo Hit by Shellshock Variant, Claims 'No User Data was at Risk'
Marc Maligalig | | Oct 07, 2014 01:45 AM EDT |
Yahoo's search share spiked in December, following Firefox's default search engine adoption.
Internet giant Yahoo announced Monday that no user information was compromised in a hack attack on its servers exploiting the Bash bug vulnerability over the past two weeks.
Internet addresses point to Yahoo Sports servers as the compromised servers, according to a report by Jonathan Hall, president of Future South Technologies published Sunday night. The report also stated that WinZip, a file compression tool, and Lycos, a search engine created in 1994, were susceptible to the Bash bug.
Like Us on Facebook
The Bash bug, also known as the Shellshock bug or Shellshocker, is a 25-year old weakness that lets malicious codes run inside a bash shell, which is a simple and common interface for delivering commands to a computer. The Shellshock vulnerability can potentially be used to obtain private data or gain control of a computer.
Yahoo confirmed Monday afternoon it had identified a "handful" of its Internet servers that were exploited by the Shellshock bug. Alex Stamos, Yahoo's chief information security officer, however, later corrected this statement.
"Earlier today, we reported that we isolated a handful of servers that were detected to have been impacted by a security flaw," Stamos wrote in a blog post. "After investigating the situation fully, it turns out that the servers were in fact not affected by Shellshock."
He added the cause of the attack was a different kind of vulnerability particular to a script Yahoo was using to debug its servers at the time of the attacks. Stamos also repeated that no customer data was breached during the attack.
"Though the FBI seemed intrigued by this, in my opinion, they aren't moving with any form of haste," he wrote. "And every minute that goes by jeopardizes the safety of yours and my personal information, financial data and much, much more."
TagsYahoo, Shellshock, Shellshocker, Bash Bug, internet security, hacker, hackers, Data breach
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
-
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?