According to Wu, a backdoor was implanted in the xz-utils (formerly known as LZMA Utils) project recently. xz is one of the compression formats widely used by Linux distributions. The malicious code added by the hacker will interfere with the authentication of sshd through systemd, thereby gaining remote unauthorized access to the entire system. Since 2022, an account named Jia Tan has begun to contribute code and gradually become a major contributor, and now suddenly implements its own backdoor operation.
