SYMBOLCOMMON_NAMEaka. SYNONYMS
sh.xzbot (Back to overview)

xzbot

aka: xzorcist

A backdoor brought into version 5.6.0 and 5.6.1 of compression library/tool xz/liblzma, which was intended to enable access via (Open)SSH on affected servers.

References
2024-04-102024-04-10Antonio Pirozzi, Sarthak Misraa
XZ Utils Backdoor | Threat Actor Planned to Inject Further Vulnerabilities
xzbot
2024-04-09DCSODCSO CyTec
XZ Backdoor: How to check if your systems are affected
xzbot
2024-04-03WiredAndy Greenberg, Matt Burgess
The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
xzbot
2024-04-03ThreatMonKerime Gencay
XZ Utils Backdoor Research Report CVE-2024-3094
xzbot
2024-04-01Github (amlweems)Anthony Weems
Analysis Repo with honeypot and backdoor patch for xzbot
xzbot
2024-03-31Twitter (@fr0gger)Thomas Roccia
Tweet with visual summary of the execution flow
xzbot
2024-03-31Github (karcherm)Michael Karcher
Information about the liblzma (xz-utils) backdoor
xzbot
2024-03-30Github (smx-smx)smx
Gist with XZ Backdoor analysis
xzbot
2024-03-30Gynvael.Coldwind//vx.logGynvael Coldwind
xz/liblzma: Bash-stage Obfuscation Explained
xzbot
2024-03-29OpenwallAndres Freund
Initial email disclosing suspected backdoor in xz tarballs
xzbot
2024-03-29Github (thesamsam)Sam James
Gist with XZ Backdoor analysis
xzbot
2024-03-29CISACISA
Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094
xzbot
2024-03-29boehs.orgEvan Boehs
Everything I Know About the XZ Backdoor
xzbot

There is no Yara-Signature yet.