XZ Backdoor: How to check if your systems are affected?
Tags
attack-pattern: Data Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Tool - T1588.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID 587c1ce4-39d1-48f0-92c3-231508e666c8
Fingerprint 2d089d120db28703
Analysis status DONE
Considered CTI value -2
Text language
Published April 9, 2024, 9:36 a.m.
Added to db Aug. 31, 2024, 7:08 a.m.
Last updated Nov. 18, 2024, 3:30 p.m.
Headline XZ Backdoor: How to check if your systems are affected
Title XZ Backdoor: How to check if your systems are affected?
Detected Hints/Tags/Attributes 45/1/11
Source URLs
Redirection Url
Details Source https://medium.com/@DCSO_CyTec/xz-backdoor-how-to-check-if-your-systems-are-affected-fb169b638271?source=rss-7c32125308fc------2
URL Provider
Details Provider Source level domain
Details medium.com medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 165 Stories by DCSO CyTec Blog on Medium https://medium.com/@DCSO_CyTec/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 38 
cve-2024-3094
Details Domain 4134 
github.com
Details Domain 1 
cve-2024-3094-detector.sh
Details Domain 3 
token.actions.githubusercontent.com
Details File 12 
bad-3-corrupt_lzma2.xz
Details File 1 
checksums.txt
Details File 3 
checksum.txt
Details Github username 3 
jfrog
Details Url 1 
https://github.com/jfrog/cve-2024-3094-tools.git
Details Url 1 
https://github\.com/anchore/grype/\.github/workflows/.
Details Url 3 
https://token.actions.githubusercontent.com