Posted 4/1/2024, 6:55:22 AM
Backdoor Discovery in Linux Compression Tool Prevents Cyber Attack
- Backdoor implanted in xz Utils, an ubiquitous Linux compression tool, was close to being merged into major distros like Debian and Red Hat
- Backdoor allowed remote takeover of systems via SSH using a predetermined key
- Likely took years to implant - suspicious activity traces back to 2021 under user 'JiaT575'
- Targeted 64-bit Debian or Red Hat systems specifically in its final payload
- Attacker's identity remains unknown; 'Jia Tan' contributor persona touched dozens of projects over years