World News

32316 readers

1007 users here now

News from around the world!

Rules:

Please only post links to actual news sources, no tabloid sites, etc
No NSFW content
No hate speech, bigotry, propaganda, etc

founded 5 years ago

MODERATORS

[email protected]

Backdoor in utility commonly used by Linux distros risks SSH compromise (www.scmagazine.com)

submitted 7 months ago by [email protected] to c/[email protected]

4 comments fedilink hide all child comments

Discovered by Andres Freund: https://www.openwall.com/lists/oss-security/2024/03/29/4

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 3 points 7 months ago (1 children)

This makes sense, but the implementation itself was also kind of sloppy. I think it was bound to be found sooner or later, which seems oddly unlikely for an APT that would spend more time and effort hiding it.

I wouldn't expect China, NSA, or any big name APT to be behind this.

I wonder if it was really a state actor or actually just a random blackhat group trying to gg ez a backdoor.

[–] [email protected] 7 points 7 months ago

Way too big of a target for a black hat group imo. It was only sloppy because they got caught.

The length of this project points to external funding.