A fascinating but ominous software story dropped on Friday: a widely used file compression software package called “xz utils” has a cleverly embedded system for backdooring shell login connections, and it’s unclear how far this dangerous package got into countless internet-enabled devices. It appears the persona that injected this played a long game, gaining the […]
I wonder if the intention could be purely financial as well: Once the backdoor is in, you can sell it for millions to a company which sells the service of breaking into systems. Or it was such a company itself that pushed the backdoor into the code.
I wonder if the intention could be purely financial as well: Once the backdoor is in, you can sell it for millions to a company which sells the service of breaking into systems. Or it was such a company itself that pushed the backdoor into the code.