Sujet : Re: Malware find in the news: xz related.
De : NoliMihiFrangereMentulam (at) *nospam* libero.it (MarioCCCP)
Groupes : comp.os.linux.miscDate : 06. Apr 2024, 12:17:43
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <uurb0n$21frv$4@dont-email.me>
References : 1 2 3 4 5 6 7 8 9 10 11
User-Agent : Mozilla Thunderbird
On 02/04/24 03:34, Carlos E.R. wrote:
On 2024-04-01 16:03, Rich wrote:
Carlos E.R. <robin_listas@es.invalid> wrote:
On 2024-03-31 23:37, Richard Kettlewell wrote:
Incredibly good luck that it was spotted before it was
too widely
deployed. Or bad luck if you were the originator l-)
I saw a post (es.comp.os.linux.redes) of someone in which
the sshd
had weird peaks of high cpu (40%)
The individual who discovered the backdoor was doing some
kind of
performance testing of PostgreSQL. Because of that they were
monitoring their system's processe's usage and noticed
unusual CPU
usage from sshd. When they started digging into why sshd
was spiking
CPU usage (because it was messing with their PostgreSQL
performance
monitoring) they discovered the sshd backdoor.
No, I mean that it has been seen in the wild.
When the thread I mentioned appeared, we knew nothing of the
vulnerability, it was March 21st.
apart from all tech details, had the chap that put this
backdoor in the systems been detained yet ?
-- 1) Resistere, resistere, resistere.
2) Se tutti pagano le tasse, le tasse le pagano tutti
MarioCPPP
Malware find in the news: xz related.
Re: Malware find in the news: xz related.
