🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)! I hope it helps to make sense of the information out there. Please treat the information "as is" while the analysis progresses! 🧐 #infosec #xz

Mar 31, 2024 · 7:45 AM UTC

Replying to @fr0gger_
nice graphic/work dude 🫡 I would still lol if it's just a nerd who got fed up of maintaining stuff for free :P
Hahah I am pretty sure there are more out there 😱
Thanks this is my current state :D
Hi, what tool did you use to create this visualization?
Replying to @fr0gger_
Excellent explanation, many thanks!
Replying to @fr0gger_
Really nice work! Would you mind sharing the tool you're using to produce these sheets?
I am using Canva :)
Replying to @fr0gger_
Thank you, it will help me understand
Replying to @fr0gger_
Thanks for your work and efforts. But why the ugly fonts? Makes it very difficult to read... Arial/Verdana is your friend ;-)
I just like this font but I'll try to think about it next time :)
Replying to @fr0gger_
Can I use this in a presentation? Will include the credit of course
Yes no worries 🙂
Replying to @fr0gger_
Great writeup.
Replying to @fr0gger_
Love your work sir 👌
Replying to @fr0gger_
Well done 👏 🐸
Replying to @fr0gger_
This is fantastic, great work!! I wonder if you want to add a line mentioning the "Jigar Kumar" user kicking off the op by pressuring the XZ maintainer as part of the two-year campaign. @thegrugq has a great writeup.
The xz backdoor was the final part of a campaign that spanned two years of operations. These operations were predominantly HUMINT style agent operations. There was an approach that lasted months before the Jia Tan persona was well positioned to be given a trusted role.
Replying to @fr0gger_
All of this, because people are too cheap to buy a rarlabs license.
Replying to @fr0gger_
That pattern looks like a state-sponsored actor's work
Replying to @fr0gger_
Now imagine the number of backdoors that must be in Windows and Mac OS, without source, so there are fewer eyes to check, and more market share to exploit.
Replying to @fr0gger_
Great work with the picture, this will help people better understand the scope and interactions. I wish this story gets a bit of sociological research like the Samba drama did in the 2000s. From an OSS "governance" & societal viewpoint it is massively interesting.