Bashed and Shellshocked: Early Reports of Exploitation in the Wild
Get Trending Threat Insights with Cyber Daily Subscribe Today

Bashed and Shellshocked: Early Reports of Exploitation in the Wild

September 25, 2014 • Matt Kodama

Lots of IT security teams are at work right now to patch the Shellshock vulnerability (CVE-2014-6271) ASAP – while keeping an eye on their threat intelligence sources for exploitation in the wild. And the reports are coming in…

One of the first reports via GitHub identified the IP 162.253.66.76 as the source of suspicious activity. We took a quick look in our OSINT archive, using Maltego, to make an initial assessment. Pentester scanning? Malicious? Looks like the latter.

Shellshock Assessment Using Maltego

Click image for larger view

Looked at on a Recorded Future timeline, the reporting involving suspicious activity and blocking of this IP address date back to early September.

Shellshock-Associated IP Address Timeline

Click image for larger view

Here’s the view a few hours later, when many other authors on the web were linking this IP address to Shellshock.

Shellshock Assessment Using Maltego

Click image for larger view

Time to patch!

New call-to-action

Related Posts

WeTheNorth: A New Canadian Dark Web Marketplace

WeTheNorth: A New Canadian Dark Web Marketplace

October 19, 2021 • The Recorded Future Team

This Summer, Insikt Group discovered a new Canada-focused darknet marketplace called WeTheNorth, a...

Shining a Light on RedLine Stealer Malware and Identity Data Found in Criminal Shops

Shining a Light on RedLine Stealer Malware and Identity Data Found in Criminal Shops

October 14, 2021 • Ellen Wilson

As threat actors continue to expand their attack surface - with cloud systems and supply chain...

How to Detect Cobalt Strike: An Inside Look at the Popular Commercial Post-Exploitation Tool

How to Detect Cobalt Strike: An Inside Look at the Popular Commercial Post-Exploitation Tool

September 14, 2021 • Jake Munroe

Throughout history there are many examples of inventions created with good intentions (and maybe...