funsec mailing list archives

How long has shellshock been exploited?


From: Bruce Ediger <bediger () stratigery com>
Date: Wed, 3 Dec 2014 15:35:17 -0700 (MST)

I caught this conversation on an IRC channel that's used by some
kind of cheesy Linux perl bot as a C&C channel:

Intruder:  :hai"
Intruder:  :wait"
Intruder:  :1 sec"
Intruder:  :i not here for trouble"
Intruder:  :not gonna steal your shitty perlbots"
Intruder:  :promise"
Admin:     :you cant steal my shitty perlbots :))"
Intruder:  :cool story bro"
Intruder:  :anywho"
Intruder:  :y use such shit code?"
Admin:     :that shit code is just for fun :)"
Intruder:  :lol word"
Intruder:  :how much powah this shitnet actually hold?"
Intruder:  :and all shellshock, i presume?"
Admin:     :everyone is saying shellshock shellshock"
Admin:     ::)"
Admin:     :fuck shellshoc"
Admin:     ::)"
Intruder:  :couldnt agree more"
Intruder:  :cant believe it took until 2014"
Intruder:  :for someone to publish anything"

The last two lines seem to imply that Shellshock was known about
for far longer than it's been public.  Is that so?  I've been
watching my Apache log files pretty carefully for 4 years, and
I've not seen anything like shellshock until very recently.

Just for the record, the administrator of the botnet spreads his
shitty perlbots via the PHP-as-CGI-BIN program pre-execution bug.

--
NSA CIA FBI NRO TSA JENKEM DHS BUTTHASH SNOWDEN GCHQ ECHELON FASTSCOPE
Warrantless wiretapping is un-American and unpatriotic: Defund the NSA.
BANANAGLEE FEEDTROUGH MUSCULAR DROPOUTJEEP FOXACID FELLWOCK
FASHIONCLEFT TOYGRIPPE CORALREEF HAMMERCHANT PRESSUREWAVE CAMELTOE POISON NUT
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
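
The "how long" question can be checked against one's own archived access logs by finding the earliest entry whose logged Referer or User-Agent begins with the Bash function-definition prefix "() {". The following is an added example, not part of the original post; it assumes Apache combined log format, and the sample lines, addresses and the names scan and first_seen are constructed for illustration.

```python
import re
from datetime import datetime

# Apache "combined" format (assumed):
# host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?:[^"\\]|\\.)*" \d{3} \S+'
    r'(?: "(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)")?'
)
# Bash treated an environment value beginning with "() {" as a function
# definition. Whitespace is matched loosely here so malformed probes still show up.
PREFIX = re.compile(r'^\s*\(\s*\)\s*\{')

# Constructed sample entries (documentation-range addresses, harmless payloads).
SAMPLE = [
    '192.0.2.10 - - [14/Mar/2012:09:12:01 -0700] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.4 - - [02/Dec/2014:22:05:13 -0700] "GET / HTTP/1.1" 200 5120 "() { test; }; echo CONSTRUCTED" "curl/7.38.0"',
    '198.51.100.7 - - [25/Sep/2014:03:41:55 -0700] "GET /cgi-bin/status HTTP/1.0" 404 210 "-" "() { :;}; echo CONSTRUCTED"',
    '192.0.2.10 - - [03/Dec/2014:15:35:17 -0700] "GET / HTTP/1.1" 200 88 "-" "Mozilla/5.0 (compatible; test(){})"',
]

def scan(lines):
    """Return (timestamp, host, field) for each matching entry, oldest first."""
    hits = []
    for line in lines:
        m = COMBINED.match(line)
        if not m:
            continue  # not a combined-format entry; skip rather than guess
        for field in ("referer", "agent"):
            value = m.group(field)
            if value and PREFIX.search(value):
                ts = datetime.strptime(m.group("time"), "%d/%b/%Y:%H:%M:%S %z")
                hits.append((ts, m.group("host"), field))
                break  # one hit per log entry is enough
    return sorted(hits)

def first_seen(lines):
    """Timestamp of the earliest matching entry, or None if the logs are clean."""
    hits = scan(lines)
    return hits[0][0] if hits else None

if __name__ == "__main__":
    for ts, host, field in scan(SAMPLE):
        print(ts.isoformat(), host, field)
```

Only header fields that the log format records can be checked this way; a probe carried in a header the server did not log leaves no trace in these files.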

