Tag Archives: backdoors

What we know about the xz Utils backdoor that almost infected the world

Enlarge / Malware Detected Warning Screen with abstract binary code 3d digital concept Getty Images reader comments 57 On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in xz Utils, an open-source data compression utility available on almost all installations of Linux and other Unix-like operating… Read More: What we know about the xz Utils backdoor that almost… »

Backdoor found in widely used Linux utility breaks encrypted SSH connections

Enlarge / Internet Backdoor in a string of binary code in a shape of an eye. Getty Images reader comments 93 Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. The compression utility, known as xz Utils, introduced… Read More: Backdoor found in widely used Linux utility breaks encrypted SSH… »

Backdoored firmware lets China state hackers control routers with “magic packets”

Getty Images reader comments 36 with Hackers backed by the Chinese government are planting malware into routers that provides long-lasting and undetectable backdoor access to the networks of multinational companies in the US and Japan, governments in both countries said Wednesday. The hacking group, tracked under names including BlackTech, Palmerworm, Temp.Overboard, Circuit Panda, and Radio… Read More: Backdoored firmware lets China state hackers control routers with “magic… »

Researchers unearth Windows backdoor that’s unusually stealthy

reader comments 12 with Share this story Researchers have discovered a clever piece of malware that stealthily exfiltrates data and executes malicious code from Windows systems by abusing a feature in Microsoft Internet Information Services (IIS). IIS is a general-purpose web server that runs on Windows devices. As a web server, it accepts requests from… Read More: Researchers unearth Windows backdoor that’s unusually stealthy »

Hundreds of WordPress sites infected by recently discovered backdoor

reader comments 31 with 0 posters participating Share this story Malware that exploits unpatched vulnerabilities in 30 different WordPress plugins has infected hundreds if not thousands of sites and may have been in active use for years, according to a writeup published last week. The Linux-based malware installs a backdoor that causes infected sites to… Read More: Hundreds of WordPress sites infected by recently discovered backdoor »

Breach of software maker used to backdoor as many as 200,000 servers

reader comments 18 with 14 posters participating Share this story Fishpig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach of its distribution server that allowed criminals to surreptitiously backdoor customer systems. The unknown threat… Read More: Breach of software maker used to backdoor as many as… »

Researchers find backdoor lurking in WordPress plugin used by schools

reader comments 12 with 11 posters participating Share this story Researchers said on Friday that they found a malicious backdoor in a WordPress plugin that gave attackers full control of websites that used the package, which is marketed to schools. The premium version of School Management, a plugin schools use to operate and manage their… Read More: Researchers find backdoor lurking in WordPress plugin used by schools »

Supply chain attack used legitimate WordPress add-ons to backdoor sites

Getty Images reader comments 10 with 10 posters participating Share this story Dozens of legitimate WordPress add-ons downloaded from their original sources have been found backdoored through a supply chain attack, researchers said. The backdoor has been found on “quite a few” sites running the open source content management system. The backdoor gave the attackers… Read More: Supply chain attack used legitimate WordPress add-ons to backdoor sites »

Backdoor for Windows, macOS, and Linux went undetected until now

reader comments 42 with 33 posters participating Share this story Researchers have uncovered a never-before-seen backdoor written from scratch for systems running Windows, macOS, or Linux that remained undetected by virtually all malware scanning engines. Researchers from security firm Intezer said they discovered SysJoker—the name they gave the backdoor—on the Linux-based Webserver of a “leading… Read More: Backdoor for Windows, macOS, and Linux went undetected until now »

US federal agency fails to respond to reports it has been backdoored

reader comments 5 with 5 posters participating, including story author Share this story A US federal agency has been hosting a backdoor that can provide total visibility into and complete control over the agency network, and the researchers who discovered it have been unable to engage with the administrators responsible, security firm Avast said on… Read More: US federal agency fails to respond to reports it has… »