Linux maintainers were infected for 2 years by SSH-dwelling backdoor(ars technica)

Posted May 16, 2024 3:15 UTC (Thu) by Baughn (subscriber, #124425)
Parent article: Linux maintainers were infected for 2 years by SSH-dwelling backdoor (Ars Technica)

And now we're 100% positive, of course, that there's no remaining implants and nothing made its way into the kernel.

-kidding, of course. It would take a lot of hubris to be positive of that.

"Implants"

Posted May 16, 2024 3:20 UTC (Thu) by corbet (editor, #1) [Link] (1 responses)

It's actually pretty easy to be sure that nothing was put into the kernel; modifications to the Git repositories would have set off alarms across the net. It seems pretty clear that the people who compromised that machine had no idea of what they had.

"Implants"

Posted May 16, 2024 11:40 UTC (Thu) by yoshi314 (guest, #36190) [Link]

yeah, git has strict(er) integrity validation.

i still recall when there was a cvs mirror of bitkeeper repo and someone injected faulty commits into that one (but the BK repo was unaffected). still, i would assume that someone with ill intent and in-depth knowledge of git might have attempted to sneak something in as well.