Shellshock bug threatens Linux, Mac users worldwide

Shiena Bernardino
Screenshot of Bash software found in Linux and Mac computers. The new Shellshock bug is threatening to attack this software. Wikipedia

Security researchers warned Linux and Mac OS X users about the recently discovered bug that could be far worse than Heartbleed.

According to the Daily News, the cybersecurity team of the U.S. Department of Homeland Security had issued a warning Wednesday about the possible attack of the Shellshock bug. It is known to attack the Bourne Again Shell (Bash) software installed on most Mac and Linux computers.

Known officially as CVE-2014-6271, the Shellshock bug poses an adverse effect on the Bash command processor that is used to launch applications in the computer by typing text commands.

International Business Times described the bug as: "In theory it means an attacker could force a vulnerable system to set specific environment variables, which in turn could allow them execute shell commands."

Just like the Heartbleed bug that threatened worldwide computer users last April, Shellshock is considered as a persistent flaw that will take several years on order to be resolved by security researchers. Yet the new bug is far more difficult to contain, since hackers will now have a different way of attacking computer or mobile devices to obtain valuable information.

The security researchers are particularly worried about the unknown effect of this bug to Apple Mac computers.

To determine if a computer had been inflicted with the Shellshock bug, here is a step-by-step process:

For Mac users:

Type: "Terminal"

Followed by env x='() ; echo vulnerable' bash -c "echo this is a test"

Hit: Enter

Users can easily find out if their device is safe if the command results to the text:

"bash: warning: x: ignoring function definition attempt bash: error importing function definition for 'x' this is a test"

The device is infected with the bug if the command responds with the text:

"vulnerable this is a test"

For non-Mac users:

Type: "Terminal"

Followed by "env x='() { :;}; echo vulnerable' bash -c 'echo hello'"

Hit: Enter

The device is safe if the response says:

"bash: warning: x: ignoring function definition attempt

bash: error importing function definition for 'x'

hello"

The device is infected with the bug if the command responds with the text:

"vulnerable

hello"

As of the moment, security researchers still have to find out if the Shellshock can be fixed or not.

Newsletter Stay up to date with Christian Today
News
The groundbreaking BBC series that brought Jesus to TV screens
The groundbreaking BBC series that brought Jesus to TV screens

Seventy years ago, in February 1956, the BBC aired the mini-series “Jesus of Nazareth”, which was the first filming of the life of Jesus to be created for television. This is the story …

Christians mobilised to oppose extreme abortion law changes
Christians mobilised to oppose extreme abortion law changes

Christians are being asked to urge peers to support amendments tabled by Baronesses Monckton and Stroud.

Thousands of Christians return to churches in north-east Nigeria despite years of terror
Thousands of Christians return to churches in north-east Nigeria despite years of terror

The faithful are returning “in their thousands, not hundreds” despite more than a decade of brutal violence.

Trump is '100 per cent' more spiritual after assassination attempt, says pastor friend
Trump is '100 per cent' more spiritual after assassination attempt, says pastor friend

Trump's pastor and friend Mark Burns said the US President knows "the hand of God' was on him when he survived the 2024 assassination attempt.