Shellshock: Romanian hackers are accessing Yahoo servers, claims security expert

[mrreboot]

Yahoo servers have been infiltrated by Romanian hackers exploiting the Shellshock bug discovered last month, according to cyber security expert Jonathan Hall.

In a blog post on his website Future South, Hall detailed the process by which he discovered Yahoo, Lycos and WinZip websites had all been infiltrated by a group of Romanian hackers.

Hall had Google-searched a range of codes designed to identify which servers were vulnerable to Shellshock, and found that Romanian hackers had breached two Yahoo servers and were exploring the network in search of access points for Yahoo!Games, which has millions of users.

Yahoo’s servers were vulnerable to attack because they were using an old version of server technology Bash.

A Yahoo told The Independent: “A security flaw, called Shellshock, that could expose vulnerabilities in many web servers was identified on September 24.

As soon as we became aware of the issue, we began patching our systems and have been closely monitoring our network.

Last night, we isolated a handful of our impacted servers and at this time we have no evidence of a compromise to user data.

We’re focused on providing the most secure experience possible for our users worldwide and are continuously working to protect our users’ data.”

Yahoo CEO Marissa Mayer was alerted to the Shellshock hacks Before releasing this information, Hall emailed Yahoo and tweeted at its engineering team and CEO Marissa Mayer.

It was confirmed to him that its servers had been infiltrated but Yahoo refused to pay him for alerting them as it was not part of the company’s bug bounty programme.

Yahoo is notorious for its disregard of bug bounty hunters, having last year rewarded one such hacker who identified three bugs in Yahoo's servers with a $25 voucher for company merchandise.

Also in his ethical-hack investigation, Hall found that hackers were using the WinZip domain - for the zip file creator/extractor - to locate other possibly accessible servers.

“This breach affects ALL of us in one way or another, and it’s crucial that this problem be resolved with haste,” Hall said.

Hall informed the FBI of the hackings.

Romania is known as a hub for cyber crime; more than $1 billion stolen in the US by Romanian hackers in 2012, according to the American ambassador in Bucharest.

Source: independent.co.uk

[Nytro]

"Romania is known as a hub for cyber crime; more than $1 billion stolen in the US by Romanian hackers in 2012, according to the American ambassador in Bucharest."

Baetii ne-au crescut PIB-ul. Deci mesajul pentru americani este: "Sa va luam in pula!".

[soarta]

Incerca @florinul toate posibilitatile pe serverele yahoo

[Gotyc]

Romania mereu o sa fie top 1 in lume la asa ceva pentru ca avem minti minunate dar nu si expluatate in mod corect.. (De stat cu un salar bun etc)

[nein]

servers with a $25 voucher for company merchandise.

ahahahah:)))

[Ganav]

Vad ca nu au prins-o pe tanti dintr-un unghi prea reusit; al dracului "tiganii" astia: ieri cerseau, astazi destabilizeaza concerne internationale.

[pkkk]

ai dreacu 25 de $, chitrosii dreacu care fac milioane.

[Aerosol]

I-a crosetat un pici.

1) Tipa e gravida?

2) Voi vedeti ce gura are? )

[quadxenon]

http://innovationjockeys.yahoo.net/tictac_chk_req.php