The backdoor sows panic in the Linux community
Panic has swept through the Linux community: a backdoor came close to being added to many popular Linux distributions. The worst was narrowly averted, but questions remain about the author of this backdoor, who operated in secret for years.
Last Friday, Andres Freund, a software engineer at Microsoft, discovered a backdoor in XZ Utils, a free software toolkit for compressing and decompressing XZ format files. The toolkit is widely used in Linux and Unix operating systems.
An intrusion narrowly avoided
Andres Freund discovered this backdoor while benchmarking the Debian distribution. During testing, the engineer determined that XZ Utils was consuming a lot of CPU resources in connection with SSH, a network protocol used to communicate securely (typically, for remote access to servers).
After this discovery, the vendors Red Hat and Debian published alerts to warn the general public about this threat (CVE-2024-3094). Fortunately, the worst was avoided: the malicious component of XZ Utils was not integrated into the stable versions of Red Hat Linux and Debian.
However, the backdoor did find its way into beta or experimental Linux distributions (Fedora Rawhide, Red Hat Fedora 40 beta, etc.). Affected users are strongly recommended to roll back to previous OS versions. A backdoor gives hackers full power to execute code on an infected computer.
This advice was reiterated by the US Cybersecurity and Infrastructure Security Agency (CISA). Needless to say, it is very serious.
Backdoor integration into its credibility in the community. It was in February that he installed the famous backdoor in versions 5.6.0 and 5.6.1 of XZ Utils. The hacker then forced Ubuntu, Red Hat and Debian to integrate the compromised version into their distributions.
Little is known about Jia Tan, who also worked on other important Linux components. Regardless, the Linux community was very scared, and this story may well push them to strengthen security around the development of the OS.
By: Opera
Source: Ars Technica