Security Advisor

Yahoo Servers Reportedly Hacked Using 'Shellshock' Hole

Romanian hackers are targeting the Yahoo Games servers.

Romanian hackers have allegedly exploited the Bash "Shellshock" vulnerability to hack Yahoo servers, according to Unix expert and former hacker Jonathan Hall.

In a blog post on the site of his IT firm, Future South Technologies, Hall said he noticed that Yahoo had been compromised after researching attack vectors for the Bash hole. The 20-year-old flaw in the Unix-based platform -- used in Linux, OS X and numerous servers, routers and other hardware -- surfaced online two weeks ago.

Using a Google search to find servers that had not been patched to protect against the Shellshock flaw, Hall found that Romanian hackers had infiltrated at least two Yahoo servers and were specifically targeting the company's Yahoo Games servers. Hall speculated that the hackers were targeting those specific servers due to the popularity of the Yahoo Games service. "One might wonder why they would bother going for that," wrote Hall. "Well, those games are visited by MILLIONS of people per a day, and they're also java based. Think about it and you tell me why someone would want to compromise those ..."

If a breach of Yahoo servers did occur, attackers could steal information, including e-mail details and login credentials, and deliver malware to unsuspecting customers. Hall also said that the specific hackers who have targeted Yahoo may be searching for other vulnerable servers through the WinZip .zip file domain.

Hall said the hackers' use of the WinZip domain could lead to further problems for users of the popular file service. "It has been a while since I've used WinZip, but last I recall, every time you guys release a new version it informs the user(s) that a new version is available for update," wrote Hall. "That means there's a Web script somewhere that's being called and checked. In that instance, someone with malicious intent would be more than capable of attaching nasty code to the setup for WinZip and forcing a mass update, effectively infecting every single one of your users -- which I'm fairly certain is still a very large number -- with code of their choice."

After numerous attempts to contact Yahoo concerning the possible breach, Hall said Yahoo e-mailed him, confirming it is currently looking into the matter. He also said he alerted the FBI, who "aren't moving with any form of haste."

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.
