Thomas Roccia Mar 31, 2024

🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)!

I hope it helps to make sense of the information out there. Please treat the information "as is" while the analysis progresses! 🧐 #infosec #xz

Show threadMohamedMar 31, 2024
@fr0gger The timeline (3 years) and sophistication 'seem' to indicate that the threat actor is a nation state with advanced #infosec capabilities.
Show threadwaldi
@kentoseth @fr0gger And in the end they got sloppy. The backdoor needed to reach Ubuntu in time for the next stable release. The delivery mechanism will not work for much longer.
Mar 31, 2024 at 4:49pmWeb