Researchers have discovered hackers trying to exploit the Shellshock Bash vulnerability to compromise network attached storage devices in universities in the U.S., Japan and Korea.

The attackers were taking advantage of a publicly disclosed security weakness in which the Web servers embedded in the devices manufactured by QNAP have administrative privileges by default, researchers for FireEye said Wednesday.

Once attackers compromise the server and get these privileges, they have full control of the device.

“They (QNAP) acknowledged this particular vulnerability on their website,” Josh Gomez, security researcher at FireEye, said.

To read this article in full or to leave a comment, please click here