Shellshock worm is now exploiting new devices. Now network attached storage (NAS) devices are vulnerable to the Bash flaw and it is actively scanning the internet for more unprotected devices.
The Shellshock worm creates a backdoor on QNAP network attached storage (NAS) devices. IT consultants have stated that it appears that hackers are using the recent exploit to run several scams including click fraud. It seems that hackers are currently creating the backdoor so they can install addition malware in the future. Basically they are stock piling resources for future uses.
In October, QNAP released a patch to address the Bash vulnerability on its Turbo NAS products. Vulnerabilities are difficult for companies to manage and most are not even aware that it is present and that they have been exposed to threats such as Bash. For those who do not know, Bash affects Linux and UNIX primarily but in some cases even Windows operating systems were subject to this threat.
The Bash vulnerability is accessed quietly using many different functions which makes comprehensive patching difficult however many Managed IT Services providers (MSPs) and IT support services were proactive and patched all these threats proactively using remote monitoring and management (RMM) and professional services automation (PSA) tools.
For companies using QNAP devices, this is a large security threat as many companies are using these drives as shared drives or for local backups or even virtual machines. If your device is hacked by this threat, the hacker may have access to an entire organizations infrastructure.
So how do you protect your business from Shellshock Worm?
- You should have a backup of the system you are attempting to update.
- Log in to the admin interface of the network attached storage (NAS) device.
- The home screen of the device will state if there is any available updates or patches.
- Once installed, most devices require a quick reboot in order for the updates to take effect.