Skip to main content

A Georgia election server was vulnerable to Shellshock and may have been hacked

posted onJanuary 20, 2020
by l33tdawg
Arstechnica
Credit: Arstechnica

Forensic evidence shows signs that a Georgia election server may have been hacked ahead of the 2016 and 2018 elections by someone who exploited Shellshock, a critical flaw that gives attackers full control over vulnerable systems, a computer security expert said in a court filing on Thursday.

Shellshock came to light in September 2014 and was immediately identified as one of the most severe vulnerabilities to be disclosed in years. The reasons: it (a) was easy to exploit, (b) gave attackers the ability to remotely run commands and code of their choice, and (c) opened most Linux and Unix systems to attack. As a result, the flaw received widespread news coverage for months.

Despite the severity of the vulnerability, it remained unpatched for three months on a server operated by the Center for Election Systems at Kennesaw State University, the group that was responsible for programming Georgia election machines. The flaw wasn't fixed until December 2, 2014, when an account with the username shellshock patched the critical vulnerability, the expert’s analysis of a forensic image shows. The shellshock account had been created only 19 minutes earlier. Before patching the vulnerability, the shellshock user deleted a file titled shellsh0ck. A little more than a half hour after patching, the shellshock user was disabled.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th