Binarly Releases Free Online Scanner to Detect Linux Executables Impacted by XZ Utils Supply Chain Attack
In a recent development, Binarly, a leading cybersecurity company, has released a free online scanner to detect Linux executables that may have been affected by the XZ Utils supply chain attack (CVE-2024-3094).
The XZ Utils supply chain compromise was initially discovered by a Microsoft engineer on Debian Sid. It was revealed that a backdoor had been introduced by a pseudonymous contributor in XZ version 5.6.0, allowing for potential security vulnerabilities in affected systems.
In response to this threat, detection and remediation efforts are currently underway, with the Cybersecurity and Infrastructure Security Agency (CISA) suggesting the downgrading of XZ Utils to version 5.4.6 Stable as a precautionary measure.
Binarly has taken proactive steps to address this issue by developing a dedicated scanner specifically designed to detect backdoors in XZ Utils and other projects. Their detection method focuses on static analysis of binaries to identify tampering of transitions in GNU Indirect Function (IFUNC), ensuring a thorough examination of potentially compromised files.
Furthermore, Binarly’s scanner goes beyond just XZ Utils, scanning for potential supply chain points in other areas to provide users with higher confidence results. The online scanner is available at xz.fail for unlimited free checks, making it easily accessible for individuals and organizations seeking to protect their systems. Additionally, Binarly has introduced a free API for bulk scans, catering to those who require extensive scanning capabilities.
Overall, Binarly’s efforts in developing this advanced scanning tool demonstrate their commitment to enhancing cybersecurity measures and safeguarding against potential threats in the digital landscape.
