The following article is a update on large scale attacks

(Shellshock: 'Larger scale attack' on its way, warn securo-bods)

By John Leyden, 29 Sep 2014
 
The Shellshock vulnerability has already become the focus for malicious scanning andat least one botnet but crooks are still testing the waters with the vulnerability and much worse could follow, security watchers warn.
Net security firm FireEye said it has seen all manner of overtly malicious traffic leveraging the Bash bug, including DDoS attacks, malware droppers, reverse shell hacks, backdoors and data exfiltration. Some of the suspicious activity seems to be originating from Russia.
 
Attackers have deployed scanners looking for vulnerable machines that have been bombarding networks with traffic since mid-day Wednesday. So far, the Common Gateway Interface vector (an interface between a web server and executables that produce dynamic content) has received the bulk of the attention from attackers. However the scope of the Bash Shell Shock bug extends far behind web server
 
The Register/ full article here/ http://www.theregister.co.uk/2014/09/29/shell_shock_bash_vuln_large_scale_attack/