FireEye has been monitoring Shellshock-related attacks closely since the vulnerability was first made public last week. Specifically, FireEye has observed attackers attempting to exploit the BASH remote code injection vulnerability against Network Attached Storage systems (NAS). These attacks result in the hackers having a root level remote shell, gaining full access to the contents of the NAS. The observed targets have been primarily located in Japan and Korea with one additional target observed in the US. The only known data on the attackers currently are that two of their malware host servers are located in Korea and the US.
more here..........http://www.fireeye.com/blog/technical/2014/10/the-shellshock-aftershock-for-nas-administrators.html
more here..........http://www.fireeye.com/blog/technical/2014/10/the-shellshock-aftershock-for-nas-administrators.html