BASHLITE Malware leverages ShellShock Bug to Hijack Devices Running BusyBox

Cyber criminals are using new malware variants by exploiting GNU Bash vulnerability referred to as ShellShock (CVE-2014-6271) in order to infect embedded devices running BusyBox software, according to a researcher.

A new variant of “Bashlite” malware targeting devices running BusyBox software was spotted by the researchers at Trend Micro shortly after the public disclosure of the ShellShock vulnerability.

BusyBox provides set of command line utilities that are specifically designed to run in constrained embedded environments. At compile time, different capabilities can be left out, reducing the size of the binaries….


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s