NAS devices under attack by Shellshock exploit

Posted on Thursday, October 02 2014 @ 18:17 CEST by Thomas De Maesschalck
UPDATE October 3, 2014: QNAP has issued patches for the Bash vulnerability, you can download them over here.




IT World writes hackers are using the "Shellshock" Bash vulnerability to gain access to QNAP NAS devices in universities in the US, Japan and Korea. All QNAP network-attached storage devices are vulnerable to CVE-2014-6271, one of the six recently discovered security flaws in the GNU Bash. Security firm FireEye writes hackers are targeting NAS devices because these would be desirable targets that can contain sensitive, interesting or valuable information. In related news, it was also discovered earlier this week that OpenVPN servers are vulnerable to Shellshock, under certain configurations. Due to the broad scope of the vulnerability, it's expected that many more attacks will follow.
The attackers were taking advantage of a publicly disclosed security weakness in which the web servers embedded in the devices manufactured by QNAP have administrative privileges by default, researchers for FireEye said Wednesday.

Once attackers compromise the server and get these privileges, they have full control of the device.

"They (QNAP) acknowledged this particular vulnerability on their website," Josh Gomez, security researcher at FireEye, said.

Knowing the vulnerability existed; the attackers scanned the devices for Shellshock and downloaded malware using autostart script provided by the manufacturer, James Bennett, threat researcher for FireEye, said. The script is used to have programs start automatically.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments