Businesses and consumers are being warned to brace themselves for a new software bug which could take control of hundreds of millions of computers, servers and devices.
According to tech experts, the Shellshock bug makes the so-called “Heartbleed” virus look as innocuous as the common cold.
“Whereas something like Heartbleed was all about sniffing what was going on, this was about giving you direct access to the system,” Prof Alan Woodward, a security researcher from the University of Surrey, told the BBC. “The door’s wide open.”
The flaw has been found in a software component called “Bash” which is a part of many Linux systems, as well as Apple’s Mac operating system.
Some 500,000 machines worldwide were thought to have been vulnerable to Heartbleed, but early estimates suggest Shellshock could hit at least 500 million machines.
Cybersecurity specialists Rapid7 rated the Bash bug as 10 out of 10 for severity, but “low” on complexity – a relatively easy vulnerability for hackers to capitalise on.
“Using this vulnerability, attackers can potentially take over the operating system, access confidential information, make changes, etc,” said Tod Beardsley, a Rapid7 engineer.
Related stories
NSA ‘used Heartbleed for years’
Hacks up as Heartbleed fuels panic
Half of eBay users now wary
Marketers shoulder hacking costs
Cyber gang banged up for 30 years
Adobe data attack ‘may hit billions’
Top US stars hit by D&B breach
Foxtons hit by online hack attack
Hacking staff could wind up firm
58m rocked by Ubisoft hack attack
