• @shotgun_crab@lemmy.world
    link
    fedilink
    49
    edit-2
    9 months ago

    Still paniking, cause the backdoor was apparently targetting Debian servers, it was discovered just by chance and the “mantainer” made commits for 2 years in the same repo

    • Possibly linux
      link
      fedilink
      English
      119 months ago

      The fact that this was planned is what makes me nervous. Imagine what else is lurking.

      • @dan@upvote.au
        link
        fedilink
        289 months ago

        and it was only discovered accidentally, when someone was profiling some stuff, noticed SSH using a bit too much CPU power when receiving connections even for invalid usernames/passwords, and spent the time to investigate it more deeply. A lot of developers aren’t that attentive, and it could have easily snuck through.