News Minimalist logo

XZ Utils backdoored for covert SSH access on Linux

Help Net Security April 8, 2024, 02:00 PM UTC

Summary: The XZ Utils compression utility was backdoored by a threat actor aiming for covert SSH access on Linux systems. The backdoor was discovered by a Microsoft engineer and has affected stable versions of some Linux distros. Tools and scripts have been released to detect the backdoor, which requires authentication via a private SSH key. Security firms like Binarly and Bitdefender have developed scanners for this purpose. Elastic Security Labs also provided detection rules.

Full article

Article metrics

The article metrics are deprecated.

I'm replacing the original 8-factor scoring system with a new and improved one. It doesn't use the original factors and gives much better significance scores.

Timeline:

  1. [5.6]
    Volunteer engineer finds cybersecurity threat in XZ Utils (The Japan Times)
    151d 16h

    ScoresSource
  2. [5.6]
    Malicious code found in XZ Utils on Good Friday (The Guardian)
    154d 10h

    ScoresSource
  3. [6.6]
    Andres Freund prevented cybersecurity breach in XZ Utils software (The Hindu)
    154d 20h

    ScoresSource
  4. [5.6]
    Andres Freund uncovers sabotage in XZ Utils, preventing crisis (The Japan Times)
    155d 0h

    ScoresSource
  5. [6.1]
    Backdoor discovered in XZ Utils by Microsoft developer (The Intercept)
    157d 2h

    ScoresSource
  6. [5.9]
    Free online scanner detects XZ Utils backdoor in Linux (TechRadar)
    157d 9h

    ScoresSource
  7. [6.2]
    Linux narrowly avoided cyber attack from XZ Utils backdoor (The Verge)
    158d 1h

    ScoresSource
  8. [5.7]
    Supply chain attack targets XZ Utils in Linux distributions (Cybersecurity Dive)
    158d 3h

    ScoresSource
  9. [7.2]
    Backdoor in XZ Utils allows unauthorized root access (WIRED)
    158d 16h

    ScoresSource
  10. [5.9]
    Backdoor in XZ Utils poses security risk in Linux (Nextgov/FCW)
    159d 9h

    ScoresSource
  11. [5.8]
    Critical Linux vulnerability; update XZ Utils before 5.6.0 (IT World Canada)
    159d 13h

    ScoresSource
  12. [5.9]
    Backdoor found in xz Utils for Linux systems (Ars Technica)
    159d 18h

    ScoresSource
  13. [6.3]
    Critical xz package vulnerability discovered on Debian, CVE-2024-3094 (TechRadar)
    160d 4h

    ScoresSource
  14. [5.9]
    XZ Utils compromised by maintainer "Jia Tan." (Help Net Security)
    160d 6h

    ScoresSource
  15. [6.6]
    Critical XZ Utils vulnerability allows unauthorized system access (Help Net Security)
    160d 17h

    ScoresSource
  16. [5.9]
    Critical security flaw in xz-utils threatens Linux and macOS (Security Boulevard)
    160d 20h

    ScoresSource
  17. [5.5]
    Malicious code in xz libraries poses security threat (The New Stack)
    161d 6h

    ScoresSource
  18. [4.3]
    Backdoor in xz compression utility version 5.6.0 discovered (SC Media)
    162d 1h
    Source
  19. [4.1]
    Backdoor found in xz Utils 5.6.0/5.6.1, affecting Linux distributions (Ars Technica)
    162d 5h
    Source
  20. [6.1]
    Critical XZ Utils vulnerability (CVE-2024-3094) compromises Linux systems (Help Net Security)
    162d 7h

    ScoresSource