The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind

by
hubie
from on (#6KXF3)

owl writes:

https://www.wired.com/story/jia-tan-xz-backdoor/

The Wired article linked above is a good high level overview. For those interested in the low level how does it work, how was it hidden details then this web page is a good read: The xz attack shell script

Quote from Wired article:

The scourge of software supply chain attacks-an increasingly common hacking technique that hides malicious code in a widely used legitimate program-can take many forms. Hackers can penetrate an update server to seed out their malware, or even break into the network where the software was developed to corrupt it at the source. Or, in the case of one particularly insidious software supply chain attacker known as Jia Tan, they can spend two years politely and enthusiastically volunteering to help.

Over the weekend, the cybersecurity and open source software community was shocked by the news that a relatively new, experimental version of XZ Utils-a compression utility integrated into many popular distributions of Linux-contained a backdoor that would have allowed hackers in possession of a specific private key to connect to the backdoored system and run their own commands as an administrator. Only some chance detective work carried out by a lone Microsoft engineer, Andres Freund-who'd detected a strange delay in how the remote connection protocol SSH was running in a version of the Linux variant Debian-caught the spy trick before it ended up in many millions of systems worldwide.

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title
Feed Link https://soylentnews.org/
Reply 0 comments