Free software's not-so-eXZellent adventure

Posted Apr 2, 2024 23:13 UTC (Tue) by Cyberax (✭ supporter ✭, #52523)
Parent article: Free software's not-so-eXZellent adventure

What actually scares me is that this attack does not _have_ to be the result of GRU/China/NSA/$THREE_LETTER_AGENCY.

It can legitimately be just one individual acting on their own. And there is a pretty solid motivation for it: cryptocurrency. These days, if you manage to sneak a backdoor into something like SSH, you can quite easily leverage that for an immediate payoff on the hundred-million dollar scale. No need to deal with stingy government agencies (that can "disappear" you just as well as pay you off).

Free software's not-so-eXZellent adventure

Posted Apr 3, 2024 18:12 UTC (Wed) by lunaryorn (subscriber, #111088) [Link]

Kinda reminds me of the event-stream incident in 2018… this "hostile contributor takes over" move had a precedent.

Free software's not-so-eXZellent adventure

Posted Apr 7, 2024 16:20 UTC (Sun) by mathstuf (subscriber, #69389) [Link]

However, I feel that cryptocurrency mining would have also made the fact that *something* was up very evident and have led to discovery before "much" benefit had been gained without sitting on it to be deployed to LTS distro releases first. Given the pressure to get it into the bleeding edge distros, I suspect that this was more of interest to get "landing pads" for further work deployed. I feel like cryptocurrency mining is better off finding 0-days in existing software as the scam-coin-to-mine changes faster than this deployment process but slower than "people patching their 0-day bugs".