Security Advisor

Yahoo Servers Reportedly Hacked Using 'Shellshock' Hole

Romanian hackers are targeting the Yahoo Games servers.

Romanian hackers have allegedly exploited the Bash "Shellshock" vulnerability to hack Yahoo servers, according to Unix expert and former hacker Jonathan Hall.

In a blog post on the site of his IT firm, Future South Technologies, Hall said he noticed that Yahoo had been compromised while researching attack vectors for the Bash hole, after the 20-year-old flaw in the Unix-based platform -- used in Linux, OS X and numerous servers, routers and other hardware -- surfaced online two weeks ago.

Using a Google search to find servers that had not been patched to protect against the Shellshock flaw, Hall found that Romanian hackers had infiltrated at least two Yahoo servers and were specifically targeting the company's Yahoo Games servers. Hall speculated that the hackers were targeting those specific servers due to the popularity of the Yahoo Games service. "One might wonder why they would bother going for that," wrote Hall. "Well, those games are visited by MILLIONS of people per a day, and they're also java based. Think about it and you tell me why someone would want to compromise those ..."

If a breach of Yahoo servers did occur, attackers could steal information, including e-mail details and login credentials, and deliver malware to unsuspecting customers. Hall also said that the specific hackers who have targeted Yahoo may be searching for other vulnerable servers through the WinZip .zip file domain.

Hall said the hackers' use of the WinZip domain could lead to further problems for users of the popular file service. "It has been a while since I've used WinZip, but last I recall, every time you guys release a new version it informs the user(s) that a new version is available for update," wrote Hall. "That means there's a Web script somewhere that's being called and checked. In that instance, someone with malicious intent would be more than capable of attaching nasty code to the setup for WinZip and forcing a mass update, effectively infecting every single one of your users -- which I'm fairly certain is still a very large number -- with code of their choice."

After numerous attempts to contact Yahoo concerning the possible breach, Hall said Yahoo e-mailed him, confirming it is currently looking into the matter. He also said he alerted the FBI, who "aren't moving with any form of haste."

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.
