Vulnerability Management

Shellshock used to amass botnet and execute phishing campaign

Unknown attackers harnessed the Shellshock vulnerability, or "Bash bug," to amass a botnet of 360 bots and launch a phishing campaign on Spanish-speaking Citibank customers.

StealthWatch Labs noted in a blog post that the majority of the bots are running Linux, and some voice over internet protocol (VoIP) devices were targeted, specifically MiVoice Office (Mitel 5000) devices. This technology could be alluring because it might not be thought of as needing a patch, according to the blog post.

Through the attackers' commands, the bots sent more than 100,000 phishing emails in Spanish that told potential victims their Citibank card was deactivated and could be reactivated through a supplied link.

The command-and-control server for the botnet is now offline.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.