State-sponsored hackers inject malware into "XZ" library

blue_devil · #3 04-02-2024, 14:28

Quote:

Originally Posted by chants

Makes you wonder how many other open source projects are backdoored but noone noticed or investigated. Kind of scary.

This is what I am talking about

If you are interested in state-sponsored-hackers. You should also read how Ken Thompson injected a virus to a compiler.

Code:

https://wiki.c2.com/?TheKenThompsonHack

From the article: "Not only did his compiler know it was compiling the login function and inject a backdoor, but it also knew when it was compiling itself and injected the backdoor generator into the compiler it was creating. The source code for the compiler thereafter contains no evidence of either virus."

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
How come new registrants given "guest" rank and not even a "friend" rank?	OldieHans	General Discussion	4	09-25-2023 12:19
When use "vendor defined encryption routines", how to set daemon related part?	bridgeic	General Discussion	6	01-22-2015 11:35
Wlscgen: Are "Vendor Id" and "Developer Id" different ?	Numega Softice	General Discussion	6	02-12-2007 18:12

The Following 2 Users Say Thank You to blue_devil For This Useful Post:
chants (04-02-2024), NON (04-02-2024)