CISA Warns of Backdoor Threat in Open-Source Linux Tool

The Cybersecurity and Infrastructure Security Agency has urged software developers and users to downgrade XZ Utils, the open-source Linux file compression and transfer tool, to older versions, warning that the tool’s updates include malicious code that gives hackers a backdoor to bypass Secure Shell authentication and access affected systems.

A malicious actor with suspected ties to a nation-state cyber collective planted the self-installation script in a Feb. 23 tool update, enabling the vulnerability to be automatically installed into production versions of Ubuntu, a Linux distribution that major companies use in IT stacks, Nextgov/FCW reported.

GitHub has already disabled the repository containing the exploit and begun assessing how the code was integrated into Linux offerings. According to an Ubuntu maintainer, the malicious actor is a user who contributed to the XZ Utils build for two years. 

In an alert issued on Friday, CISA advised developers and users to monitor and detect any malicious activity and report positive findings to the agency.

A Politico report indicated that the FBI and the National Security Agency will likely investigate the cyber incident.

Category: Cybersecurity