[kwlug-disc] Fw: Backdoor found in widely used Linux utility
Mikalai Birukou
mb at 3nsoft.com
Mon Apr 1 13:57:24 EDT 2024
> Here is a very readable detailed breakdown of how obfuscated shell
> scripting was used in this exploit.
>
> Very clever, very opaque, and effective.
>
> The committer of these files took a few years to lay the groundwork
> for his exploit (2021 to 2024, most likely by gaining trust first).
>
> One tends to think this is funded by (or will be sold to) a state
> actor or organized crime ...
>
> https://gynvael.coldwind.pl/?id=782
The original style of the build code is impenetrable. And with this code
one is looking, say, for a new maintainer of the project, or new
features/patches. C'mon.

The fight for clarity in code, both in the artifact and the tooling, is only
secondarily about security. Clarity is firstly about all the other stuff.