Shellshock bug threatens Linux, Mac users worldwide

Shiena Bernardino
Screenshot of Bash software found in Linux and Mac computers. The new Shellshock bug is threatening to attack this software. Wikipedia

Security researchers warned Linux and Mac OS X users about the recently discovered bug that could be far worse than Heartbleed.

According to the Daily News, the cybersecurity team of the U.S. Department of Homeland Security had issued a warning Wednesday about the possible attack of the Shellshock bug. It is known to attack the Bourne Again Shell (Bash) software installed on most Mac and Linux computers.

Known officially as CVE-2014-6271, the Shellshock bug poses an adverse effect on the Bash command processor that is used to launch applications in the computer by typing text commands.

International Business Times described the bug as: "In theory it means an attacker could force a vulnerable system to set specific environment variables, which in turn could allow them execute shell commands."

Just like the Heartbleed bug that threatened worldwide computer users last April, Shellshock is considered as a persistent flaw that will take several years on order to be resolved by security researchers. Yet the new bug is far more difficult to contain, since hackers will now have a different way of attacking computer or mobile devices to obtain valuable information.

The security researchers are particularly worried about the unknown effect of this bug to Apple Mac computers.

To determine if a computer had been inflicted with the Shellshock bug, here is a step-by-step process:

For Mac users:

Type: "Terminal"

Followed by env x='() ; echo vulnerable' bash -c "echo this is a test"

Hit: Enter

Users can easily find out if their device is safe if the command results to the text:

"bash: warning: x: ignoring function definition attempt bash: error importing function definition for 'x' this is a test"

The device is infected with the bug if the command responds with the text:

"vulnerable this is a test"

For non-Mac users:

Type: "Terminal"

Followed by "env x='() { :;}; echo vulnerable' bash -c 'echo hello'"

Hit: Enter

The device is safe if the response says:

"bash: warning: x: ignoring function definition attempt

bash: error importing function definition for 'x'

hello"

The device is infected with the bug if the command responds with the text:

"vulnerable

hello"

As of the moment, security researchers still have to find out if the Shellshock can be fixed or not.

Newsletter Stay up to date with Christian Today
News
Scottish politicians recognise work of offshore industry chaplains
Scottish politicians recognise work of offshore industry chaplains

The offshore oil and gas industry can sometimes turn deadly.

Pakistani Christian gives testimony of persecution in front of King Charles
Pakistani Christian gives testimony of persecution in front of King Charles

Open Doors ranks Pakistan the 8th worst persecutor of Christians worldwide.

On commitment
On commitment

Jewish academic and Hebrew scholar Irene Lancaster considers what commitment means in Judaism.

Christians celebrate ‘the beautiful game’ at Wembley
Christians celebrate ‘the beautiful game’ at Wembley

The evening, organised by the Football Association, brought together Christians involved in the game, from grassroots to the Premier League, and organisations that run sports projects across the country.