Shellshock continues to reverberate: Attackers are exploiting recently discovered vulnerabilities in the Bash command-line interpreter in order to infect Linux servers with a sophisticated malware program known as Mayhem.
Mayhem was discovered earlier this year and was thoroughly analyzed by researchers from Russian Internet firm Yandex. It gets installed through a PHP script that attackers upload on servers via compromised FTP passwords, website vulnerabilities or brute-forced site administration credentials.

The link for this article located at Network World is no longer available.