Backdoor in utility commonly used by Linux distros risks SSH compromise (www.scmagazine.com)

submitted 7 months ago by zephyreks@lemmy.ml to c/worldnews@lemmy.ml

5 comments fedilink hide all child comments

Discovered by Andres Freund: https://www.openwall.com/lists/oss-security/2024/03/29/4

you are viewing a single comment's thread
view the rest of the comments

[-] mlg@lemmy.world 2 points 7 months ago

This makes sense, but the implementation itself was also kind of sloppy. I think it was bound to be found sooner or later, which seems oddly unlikely for an APT that would spend more time and effort hiding it.

I wouldn't expect China, NSA, or any big name APT to be behind this.

I wonder if it was really a state actor or actually just a random blackhat group trying to gg ez a backdoor.

[-] intelshill@lemmy.ca 7 points 7 months ago

Way too big of a target for a black hat group imo. It was only sloppy because they got caught.

The length of this project points to external funding.

this post was submitted on 30 Mar 2024

85 points (94.7% liked)

World News

32316 readers

531 users here now

News from around the world!

Rules:

Please only post links to actual news sources, no tabloid sites, etc
No NSFW content
No hate speech, bigotry, propaganda, etc

founded 5 years ago

MODERATORS

Rumblestiltskin@lemmy.ml

AgreeableLandscape@lemmy.ml

jackmarxist@lemmy.ml

zephyreks@lemmy.ml

OurToothbrush@lemmy.ml