04-02-2024, 12:21
chants
What is absolutely ingenious is that they put the payload into a test blob, as it looks like merely garbage being used for automated testing to verify liblzma. Basically an innocuous place no one would think to look or care about. Some of the bash scripts are fascinating in this. What's interesting is that the Microsoft engineer noticed a 0.5 second delay in SSH because a mistake was made, and for whatever reason the engineer managed to investigate and pinpoint that it is a backdoor. The whole thing is pretty amazing. Makes you wonder how many other open source projects are backdoored but no one noticed or investigated. Kind of scary.
The Following 2 Users Say Thank You to chants For This Useful Post:
blue_devil (04-02-2024), uranus64 (04-02-2024)