National Cyber Warfare Foundation (NCWF) Forums


xz Utils Backdoor


0 user ratings
2024-04-02 19:40:29
milo
Blue Team (CND) , Malware

 - archive -- 

The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica:



Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions. The backdoor manipulated sshd, the executable file used to make remote SSH connections. Anyone in possession of a predetermined encryption key could stash any code of their choice in an SSH login certificate, upload it, and execute it on the backdoored device. No one has actually seen code uploaded, so it’s not known what code the attacker planned to run. In theory, the code could allow for just about anything, including stealing encryption keys or installing malware...



The post xz Utils Backdoor appeared first on Security Boulevard.



Bruce Schneier

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/04/xz-utils-backdoor/


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Blue Team (CND)
Malware



Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.