XZ Utils Backdoor Still Lurking in Docker Images


In this blog, we share a new finding in the XZ Utils saga: several Docker images built around the time of the compromise contain the backdoor. At first glance, this might not seem alarming: if the distribution packages were backdoored, then any Docker images based on them would be infected as well. However, what we discovered is that some of these compromised images are still publicly available on Docker Hub.

The practical impact of this issue is somewhat limited, given that exploitation requires the backdoor key owners to have network access to the infected device or container with the SSH service running. Even so, the xz-utils backdoor incident demonstrates that even short-lived malicious code can remain unnoticed in official container images for a long time and can propagate through the Docker ecosystem. The delay underscores how these artifacts may silently persist and propagate through CI pipelines and container ecosystems, reinforcing the critical need for continuous binary-level monitoring beyond simple version tracking.
