Within a day of the Bash bug dubbed 'shellshock' being disclosed, it appears that attackers are already looking for ways to use it for their advantage. Security researchers have found proof of concept code that attempts to exploit the serious bug discovered this week in Bourne-Again Shell, also known as Bash, which according to US CERT affects both Linux and Mac OS X. The good news yesterday that
some Linux distributions shipped patches for the bug yesterday has already been tempered by the discovery that those patches only partially dealt with potential attacks. In an update overnight, Red Hat said that it was developing a new patch, however, it is still advising users to apply the incomplete one for now.
At the same time as security experts have been racing to develop fixes for the bug and patch systems, it appears hackers have been working on tools to attack vulnerable systems. Security researcher Yinette yesterday
reported discovering the first attack in the wild that exploits the bug, which has been officially documented as CVE-2014-6271. Security researchers malwaremustdie.org have since analysed the malware, finding numerous functions including distributed denial of service (DDoS) IRC bot as well as a feature that attempts to guess passwords and logins on vulnerable servers, using a list of poor passwords such as 'root', 'admin', 'user', 'login', and '123456'. AusCERT earlier yesterday also claimed to have received
reports the bug was being exploited in the wild.