Thread: State-sponsored hackers inject malware into "XZ" library
View Single Post
  #3  
Old 04-02-2024, 14:28
blue_devil's Avatar
blue_devil blue_devil is offline
Family
  
Join Date: Dec 2011
Location: Observable Universe
Posts: 538
Rept. Given: 110
Rept. Rcvd 73 Times in 46 Posts
Thanks Given: 688
Thanks Rcvd at 895 Times in 297 Posts
blue_devil Reputation: 73
Quote:
Originally Posted by chants View Post
Makes you wonder how many other open source projects are backdoored but noone noticed or investigated. Kind of scary.
This is what I am talking about

If you are interested in state-sponsored-hackers. You should also read how Ken Thompson injected a virus to a compiler.

Code:
https://wiki.c2.com/?TheKenThompsonHack
From the article: "Not only did his compiler know it was compiling the login function and inject a backdoor, but it also knew when it was compiling itself and injected the backdoor generator into the compiler it was creating. The source code for the compiler thereafter contains no evidence of either virus."
Reply With Quote
The Following 2 Users Say Thank You to blue_devil For This Useful Post:
chants (04-02-2024), NON (04-02-2024)