Consequences of the xz-utils backdoor

here), and the affected distributions are listed here. In this article we will try to highlight the most important points and consider how this incident may affect open-source software development.


As briefly as possible, the history of the xz-utils compromise is as follows. xz-utils is a set of utilities consisting of the xz compression tool and the liblzma library. It is widely used in popular Linux-based distributions, including Debian and Red Hat. Beginning in 2022, a user named Jia Tan gained the trust of the xz-utils maintainer and eventually obtained control of the repository. This led to the release of two versions (5.6.0 and 5.6.1) with a built-in backdoor. The backdoor was planted in liblzma, the code responsible for LZMA compression and decompression. This library is linked by many programs and utilities shipped in Linux distributions, and on Debian- and Fedora-based systems it is also loaded indirectly by the OpenSSH server (sshd there is patched to link libsystemd, which in turn depends on liblzma). As a result, an unauthenticated user connecting over SSH can present a specially crafted key that activates the backdoor and execute arbitrary code, gaining full control of the vulnerable system.
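To turn the description above into a quick triage check, here is an added example (not code from the article or from the xz project). It flags the two backdoored releases named above, reads the liblzma version from `xz --version`, and uses `ldd` to see whether the local sshd would pull liblzma into its address space at all; the sshd path is an assumption for a typical Debian/Fedora layout, and any version other than 5.6.0 and 5.6.1 is reported as not affected, which is all this check claims.

```sh
#!/bin/sh
# Added example, not from the article or the xz project: triage a host for the
# two backdoored xz-utils releases (5.6.0, 5.6.1) and check whether the local
# sshd would load liblzma. /usr/sbin/sshd is an assumed path.

# Return 0 (true) when the version string is one of the backdoored releases.
xz_version_affected() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *)           return 1 ;;
    esac
}

# Pull the library version out of the full `xz --version` output, whose second
# line looks like "liblzma 5.6.1". The library, not the xz binary, is what
# sshd would load, so that is the number that matters.
liblzma_version_from_banner() {
    printf '%s\n' "$1" | sed -n 's/^liblzma[[:space:]]\{1,\}\([0-9][0-9.]*\).*/\1/p'
}

# Combine the version check with whether sshd transitively links liblzma
# ("yes"/"no") into a one-word verdict.
xz_verdict() {
    if xz_version_affected "$1"; then
        if [ "$2" = yes ]; then
            echo backdoored-reachable-via-sshd
        else
            echo backdoored-library-present
        fi
    else
        echo version-not-affected
    fi
}

# Live check on the current host; silently skipped if xz is not installed.
if command -v xz >/dev/null 2>&1; then
    ver=$(liblzma_version_from_banner "$(xz --version 2>/dev/null)")
    links=no
    # sshd does not use liblzma itself; distribution patches that link
    # libsystemd pull it in transitively, which ldd shows as a dependency.
    if command -v ldd >/dev/null 2>&1 && [ -x /usr/sbin/sshd ] \
       && ldd /usr/sbin/sshd 2>/dev/null | grep -q liblzma; then
        links=yes
    fi
    echo "liblzma $ver, sshd links liblzma: $links -> $(xz_verdict "$ver" "$links")"
fi
```

A hit on the `ldd` check alone is not a finding: plenty of healthy systems link liblzma through libsystemd. The verdict only becomes interesting when that is combined with one of the two backdoored versions, and even a "library present" result without sshd linkage still warrants downgrading, since the code may have other triggers.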

The first thing to note is that this attack was carefully planned and took a long time. Jia Tan submitted the first patch to the xz-utils repository in April 2022. Subsequently, in the history of communication with the "real" package maintainer, Lasse Collin, sock-puppet accounts were discovered that expressed dissatisfaction with the insufficiently active development and put pressure on an already overloaded maintainer. The malicious code was introduced gradually: its first elements were submitted as a pull request from an unknown contributor in June 2023. The final elements were added in February 2024, at the same time as Jia Tan announced a change of the xz-utils project website. In March, a campaign began to persuade distribution developers to include the new version of the package quickly. Sock puppets seemingly unrelated to Tan took part in the campaign; each of them had built up some reputation in the community through contributions to the code of various open-source projects.

The attackers targeted projects that could be called infrastructure: xz-utils, or more precisely the liblzma library, is used by a large number of other programs within Linux-based distributions. Earlier, back in 2021, the same Jia Tan may have attempted to attack the libarchive project, which is comparable in potential damage.

They tried to sneak the backdoor in as covertly as possible. Part of the code necessary for its operation was present only in the release source archives (the tarballs that distribution maintainers download), not in the public repository. Attempts were made to hide the malicious payload from various testing methods, both automated and manual, including by deliberately adding a typo to the sources.
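The tarball-only trick is exactly what a release-verification step catches: export the tagged tree from version control and diff it against the shipped archive. Below is an added example (not from the article or the xz project) that reports files present only in the release tarball and files that exist in both but differ. The two archives are constructed inside the script so it runs offline; the release-only file name mirrors the real case, where m4/build-to-host.m4 was in the tarball but not in git, and the modified configure.ac is purely a constructed sample.

```sh
#!/bin/sh
# Added example, not from the article or the xz project: compare a release
# tarball with a VCS export of the same tag. Sample archives are constructed
# below; only the file name m4/build-to-host.m4 mirrors the real incident.

# Normalise a tar listing: drop the top-level directory prefix and directory
# entries so that both archives can be compared by relative path.
archive_file_list() {
    tar -tf "$1" | sed 's#^[^/]*/##' | grep '[^/]$' | sort
}

# Files present in the release tarball ($1) but absent from the VCS export ($2).
tarball_extra_files() {
    tmp=$(mktemp -d)
    archive_file_list "$1" > "$tmp/release"
    archive_file_list "$2" > "$tmp/vcs"
    comm -23 "$tmp/release" "$tmp/vcs"
    rm -rf "$tmp"
}

# Files present in both archives whose contents differ.
tarball_changed_files() {
    tmp=$(mktemp -d)
    mkdir "$tmp/a" "$tmp/b"
    tar -xf "$1" -C "$tmp/a"
    tar -xf "$2" -C "$tmp/b"
    (cd "$tmp/a" && find . -type f | sort | while IFS= read -r f; do
        if [ -f "$tmp/b/$f" ] && ! cmp -s "$f" "$tmp/b/$f"; then
            printf '%s\n' "$f" | sed 's#^\./[^/]*/##'
        fi
    done)
    rm -rf "$tmp"
}

# Build two small constructed archives: "vcs" stands in for `git archive`
# output, "release" for the tarball a maintainer would download.
make_sample_tarballs() {
    work=$(mktemp -d)
    for side in vcs release; do
        mkdir -p "$work/$side/xz-5.6.1/m4"
        printf 'AC_INIT([xz])\n' > "$work/$side/xz-5.6.1/configure.ac"
        printf 'dnl unchanged macro\n' > "$work/$side/xz-5.6.1/m4/ax_pthread.m4"
    done
    # A release-only file and a modified file: the two things the check flags.
    printf 'dnl injected macro\n' > "$work/release/xz-5.6.1/m4/build-to-host.m4"
    printf 'AC_INIT([xz])\nAC_CONFIG_MACRO_DIR([m4])\n' > "$work/release/xz-5.6.1/configure.ac"
    (cd "$work/vcs" && tar -cf "$work/vcs.tar" xz-5.6.1)
    (cd "$work/release" && tar -cf "$work/release.tar" xz-5.6.1)
    echo "$work"
}

# Stand-alone run on the constructed archives.
work=$(make_sample_tarballs)
echo "only in release tarball:"
tarball_extra_files "$work/release.tar" "$work/vcs.tar"
echo "present in both but different:"
tarball_changed_files "$work/release.tar" "$work/vcs.tar"
rm -rf "$work"
```

Against a real project, replace the constructed "vcs" archive with `git archive --format=tar --prefix=xz-5.6.1/ v5.6.1` and the "release" one with the downloaded tarball. Generated files such as `configure` will legitimately show up as release-only, so the useful output is the residue after those expected autotools artifacts are accounted for; an unexpected m4 macro in that residue is precisely the kind of thing this incident hid.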

In fact, it very nearly got through: the malicious package ended up in the Fedora 40 beta and in Kali Linux, and was present in the Debian testing branch, from where it could later have spread to a large number of derived distributions. Despite the presence of the malicious code in Fedora 40, the backdoor apparently did not work there. The discovery itself became a legend overnight. Microsoft engineer Andres Freund found the backdoor while doing performance testing: SSH logins were taking noticeably longer (about half a second extra), and the extra CPU time was being spent in liblzma, loaded by the sshd daemon.

The backdoor design is described in general terms here and here. Despite the early discovery (a little over a month, counting from the publication of the malicious code rather than its arrival in distributions), the scale of the attack is still not fully determined. In discussions of the code it is accepted that it may have other functionality unrelated to SSH. It is also unclear whether the systems that received the updates first and were reachable over SSH were actually attacked. Among them may be servers or personal systems of developers, where the most recent code is more likely to be installed.

To summarize, this was a complex, long-term attack on an open-source project that, had it succeeded, could have led to the massive compromise of Linux-based systems around the world. Who is behind it is unknown (and most likely we will never find out). Jia Tan's activities, which are fairly well documented, can be analyzed in detail. It is unlikely that this was a takeover of a bona fide developer's account, although the analysis of this user's commits, shown in the screenshot at the beginning of the text, indicates that most of the malicious code was committed outside his usual working hours.

The attack will certainly affect the open-source community, where collaboration with strangers on the Internet (who have proven their skill and usefulness) is the norm. One consequence of the xz-utils backdoor will be increased suspicion toward newcomers, and indeed within the community in general. For an ecosystem built on openness, this is a bad sign. The good sign is that the backdoor was discovered fairly quickly despite the effort spent hiding it. Yes, this was due to a rather random, lucky combination of circumstances. But it did happen, which means that open-source development will most likely be able to adapt to this relatively new reality.

What else happened:

Three new articles from Kaspersky experts have been published at once: a study of an infected text editor distributed under the guise of Notepad++ to users in China; a detailed analysis of the DinodasRAT Trojan for Linux; and a description of a non-trivial, long-lived vulnerability in Windows that allows an attacker to gain maximum privileges by spoofing the system storage device.

The Register tells a great story about "AI hallucinations". Security researcher Bar Lanyado noted that popular AI coding assistants regularly suggest importing non-existent software packages. One of these "invented" packages was called huggingface-cli, and Bar registered a package with that name on the Python Package Index. After some time, the package showed up as a dependency in Alibaba's corporate code. Also reported last week was what may be the first large-scale attack on AI infrastructure: a vulnerability in the Ray framework, which various organizations use to build and run AI models, is being exploited.

Google's research team published a report on the evolution of zero-day vulnerabilities in 2023. A total of 97 such vulnerabilities were recorded, more than in 2022 (62) but fewer than the record figure for 2021 (106). One of the report's important conclusions is that attackers are shifting their attention to third-party libraries and components. This is a response to vendors' efforts to secure their own software, which makes attacks on poorly controlled code supplied by third parties attractive. It is an interesting complement to the main xz-utils story above.

Researchers from Switzerland successfully adapted the Rowhammer hardware attack to AMD Zen 2 and Zen 3 processors. Notably, this work demonstrated for the first time an attack on DDR5 memory modules.

Ars Technica writes about an attack on an Apple ID account that used the MFA fatigue method. As the name suggests, in such an attack the user is bombarded with account password reset prompts, sent en masse to the iPhone linked to the account, in the expectation that the victim will approve one either by mistake or simply to make them stop. The problem is clearly on Apple's side, which had not introduced a limit on the number of requests that can be sent.
