Earlier this year, a security issue known as Heartbleed was discovered which affected a wide range of different online platforms based on OpenSSL, including Bitcoin.
Though the issue had existed for some time, it was only discovered then. And to the credit of Bitcoin Core’s development team, they came up with a patch for it quickly, releasing Bitcoin Core 0.9.1 to remove that security risk.
But now, a new security risk looms on the horizon, and it could be a much bigger threat than Heartbleed.
Bash is the software used to control the command prompt on many Unix-based systems, including MacOS.
The Bash bug, which is being called SHELLSHOCK, was discovered last night. The UK National Computer Emergency Response Team (CERT-UK), a state-sponsored computer security research organization, posted an advisory about SHELLSHOCK which they upgraded to an alert today.
In it, they describe SHELLSHOCK and the potential danger it can cause. “This vulnerability enables unauthenticated users to run arbitrary commands, and in some configurations remote code execution is possible.” Essentially, SHELLSHOCK allows an attacker to gain control of a system without permission.
CERT-UK, NIST, and other independent security research groups are assigning SHELLSHOCK the highest possible severity rating for a threat to computer security.
Is Bitcoin In Danger?
While Heartbleed was a vulnerability in a library that Bitcoin Core relies on, SHELLSHOCK goes deeper than that.
Because Bitcoin Core’s startup and shutdown sequence works through Bash, the bug creates an opening through which attacks on the host can occur.
And of course, anyone running a Linux-based machine, or who stores coins or data on a Linux-based system, is at risk.
Protect Yourself From SHELLSHOCK
CERT-UK offers some advice on how to protect yourself from SHELLSHOCK:
Patch systems at the earliest possible opportunity
Follow good cyber security practices to secure internet connected devices:
– Block unnecessary inbound traffic at the firewall
– Disable unnecessary services running on devices
– If running web server software, ensure it runs from low privilege accounts
– Filtering input to websites, through a Web Application Firewall, can also help to limit impact
– Ensure logging and auditing functionality is enabled and actively monitored
Disabling advanced functionality, such as cgi-bin, can help to mitigate some of the impact of the vulnerability, but this may have an adverse effect on websites.
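The first item on that list, patching, is only useful if you can tell which of your hosts are still running an affected Bash. The script below is an added example, not code from the original post or from CERT-UK: it runs the widely published self-check (an environment variable shaped like an exported function definition with an extra command appended) against the local `bash` and reports whether that trailing command was executed. It assumes `bash` is on `PATH` and that `hostname` is available; the host name and version shown are whatever the machine reports. It only exercises the original function-import bug, so a “patched” result does not by itself prove that later follow-up fixes to Bash are installed.

```shell
#!/bin/sh
# Added example (not from the original post): a self-check a defender can run
# on their own hosts to see whether the installed bash still executes the
# trailing command in a function-shaped environment variable, which is the
# behaviour the SHELLSHOCK advisory describes. Assumes `bash` is on PATH.

# Returns 0 when bash ignores the trailing command (patched),
# 1 when bash runs it (vulnerable), 2 when no usable bash was found.
# An optional first argument overrides the path to the bash binary.
shellshock_check() {
    bash_bin=${1:-$(command -v bash 2>/dev/null)}
    [ -n "$bash_bin" ] && [ -x "$bash_bin" ] || return 2

    # The probe variable looks like an exported function followed by an
    # extra command. A fixed bash parses only the function body; an affected
    # bash also runs the trailing "echo" while importing the environment.
    out=$(env probe='() { :;}; echo SHELLSHOCK_MARKER' \
          "$bash_bin" -c 'echo probe-ran' 2>/dev/null)

    case "$out" in
        *SHELLSHOCK_MARKER*) return 1 ;;
        *)                   return 0 ;;
    esac
}

# One report line per host, e.g. for collecting results across a fleet.
shellshock_report() {
    host=$(hostname 2>/dev/null || echo unknown-host)
    ver=$(bash -c 'printf %s "$BASH_VERSION"' 2>/dev/null || echo unknown)
    rc=0
    shellshock_check || rc=$?
    case $rc in
        0) status=patched ;;
        1) status=VULNERABLE ;;
        *) status=no-bash ;;
    esac
    echo "$host bash=$ver status=$status"
}

# Run stand-alone: print the report for this machine.
shellshock_report
```

Run it as `sh shellshock_check.sh` on each host; a `status=VULNERABLE` line means the distribution’s Bash update has not been applied yet, while `status=patched` means only that this particular probe is ignored.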
Patches are available for many of the bigger Linux distributions. You can find the updates for CentOS, Ubuntu, and Debian here.
Newly Discovered SHELLSHOCK Bug Could Leave Your Bitcoins Vulnerable