Featured Image Credit: Surasak Suwanmake/imaginima/Getty
A malicious update has been found just in time before it caused widespread chaos.
Red Hat, a tech company that provides open source solutions, posted an 'urgent security alert' on Friday, saying that two versions of a popular data compression library called XZ Utils had been backdoored with malicious code.
This is scary, because it basically meant that a bad actor had injected it with code that would give them unauthorized remote access to you.
Advert
Software and cryptography engineer Filippo Valsorda posted on social media site Bluesky that it "might be the best executed supply chain attack we've seen described in the open, and it's a nightmare scenario: malicious, competent, authorized upstream in a widely used library".
Luckily, the malicious code was caught in time - with Valsorda suggesting it was spotted "by chance".
According to Ars Technica, Andres Freund, a developer and engineer working on Microsoft’s PostgreSQL offerings, was troubleshooting issues in the universal operating system Debian with SSH, 'The most widely used protocol for remotely logging into devices over the Internet'.
Through Freund's work - and a bit of luck - he discovered the malicious code, which were the result of updates that had been made to xz Utils.
Ars Technica says Freund then went public and revealed that the updates were actually something much more sinister than they first appeared - and were someone intentionally putting a backdoor in the compression software.
In computing, 'backdoors' are put into tech as a way of bypassing normal authentications and gaining access to someone's data or device - usually for nefarious purposes.
And according to Ars Technica, it looks like this backdoor was 'years in the making' - and could have been worked on as far back as 2021.
It's all pretty complicated stuff, but at its core, it's good news. The malicious code was caught just in time - meaning that no bad actors have been able to use this particular backdoor to weasel their way into an individual or company operating system.
While this seems like a grand scheme from a highly sophisticated scammer, there are still plenty of simple things you can do to keep your own data safe.
Whether it's making sure you've always got the latest operating system downloaded, making sure you're only downloading trusted apps or having different passwords for everything, small steps can go a long way to making sure you stay safe online.
