Concerns now centre around "BashLite" malware, which, once executed on a victim machine, can probe for devices such as routers and Android phones running BusyBox to brute force logins through a preset list of usernames and passwords.
However, Nick Glynn, Embedded Linux and Technical Consultant at Feabhas explains what BashLite is and offers reassurance and security tips to anyone using BusyBox:
“Busybox itself was never vulnerable to the original Shellshock exploit because it uses an alternative shell – ash (which isn't a bug-for-bug implementation of Bash).
"BashLite appears to be a fairly run-of-the-mill piece of malware riding on the coat tails of the significantly more dangerous ShellShock CVE. It is a backdoor opening, information stealing tool that can also be used as part of Command & Control based attacks.
"It is also typically the second prong of an attack that has already granted access to the system - either by ShellShock itself or by administrators and/or implementers, deploying backdoored scanners to check their devices for ShellShock.”
"As BusyBox users ourselves, we suggest the following tips to ensure that your Linux device remains secure:
1.Ensure that you have installed all the necessary BusyBox patches on your device
2.Don’t forget to do the same for your development machines
3.Implement an update strategy – and enable this to be automated, if you can
4.Where possible, try to keep any devices still in development, off the internet, while they are vulnerable to attack
5.Use the quality control process to check that your devices use components with no history of bugs
"For those who are concerned about security and the types of attacks faced by embedded Linux users, Feabhas offers a popular four-day Secure Linux Programming course. This gives attendees practical, hands-on experience of the impact and means of securing Linux systems against malicious agents via an in-depth look at active exploitation techniques and mitigation."
*******
For more information, please go to www.feabhas.com
__________________________________________________________