Thomas Roccia Mar 31, 2024

🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)!

I hope it helps to make sense of the information out there. Please treat the information "as is" while the analysis progresses! 🧐 #infosec #xz

Show threadyoxemMar 31, 2024
@fr0gger As a sinophone, it's discussed which country is the software-poisoning user from.

Jin Cheong Tan is not considered a widely used spelling of China citizen and Taiwanese's name. I think that it's more possibly from SE Asia chinese descendants' one, but it may be a combination from arbitrary-chosen syllables in Sinitic languages.
Show threadRolf Steinort (314.8 ppm)Mar 31, 2024
@yoxem @fr0gger Or it’s just a red herring to let us look into Asia.
Show threadPeter Bindels

@rstein @yoxem @fr0gger Same as their logged IP which was in Singapore.

And known to be of a VPN host.

Apr 4, 2024 at 5:46amWeb