Linux is an open source operating system that, since its creation in 1991, has become one of the most widely used platforms in the world thanks to its versatility. Unlike operating systems such as Windows or macOS, Linux stands out for its security and stability and lets users modify and redistribute it freely. Of course, that record has not been unbroken: one episode in its history could have caused technological chaos had it not been discovered in time. This is the story of Andres Freund, an engineer regarded as an accidental hero of the technology world.
It all started with an act of vigilance and technical skill that did not go unnoticed, and that ultimately drew praise from prominent figures, including Satya Nadella, the current Microsoft CEO, who commended Freund's "curiosity and skill" in heading off a global cyberattack.
The attack that Andres Freund averted
Freund is a 38-year-old German engineer who keeps a low profile and whose work for Microsoft, from San Francisco, has centered on PostgreSQL development. This story, however, unfolded in the field of cybersecurity, and he became an unplanned hero upon discovering a backdoor in an essential component of the Linux ecosystem.
While performing routine tests, Freund noticed anomalous behavior that led him to identify a backdoor in XZ Utils, a widely used data compression tool, and his report averted a cyberattack of global magnitude.
More specifically, the earth-shattering discovery came when Freund observed unusual CPU consumption by sshd processes handling login attempts that should have been rejected almost instantly. His curiosity and further investigation led him to the presence of a backdoor in XZ Utils versions 5.6.0 and 5.6.1, which could have allowed attackers to covertly execute malicious code on affected systems.
The significance of the finding lies in how much of the world's server infrastructure runs on Linux: the impact of a successful attack would have been extremely high. That the threat was mitigated quickly is reason to breathe a sigh of relief.
Thus, thanks to collaboration between Freund and the open source community, the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the backdoor, urging users to revert to earlier versions of XZ Utils while the issue was resolved.
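The two observations above, a suspicious version of XZ Utils on the box and sshd being able to reach XZ's compression library at all, are what an administrator would have checked first after the CISA warning. The script below is an added example written for this article, not code from Freund, XZ Utils or CISA. It assumes the output format of `xz --version` (first line "xz (XZ Utils) <version>") and that `ldd` is available; the affected version numbers are the two named in the text. The `liblzma` check reflects how the backdoor reached sshd on the distributions concerned (sshd linked, directly or through another library, against liblzma, the library half of XZ Utils), which the article itself does not spell out.

```shell
#!/bin/sh
# Added example (not from the article): post-advisory checks for the XZ Utils backdoor.
# Only versions 5.6.0 and 5.6.1 are flagged, as named in the article.

# Return 0 (true) if the given XZ Utils version string is one of the backdoored
# releases, 1 otherwise.
xz_version_is_affected() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Extract the version number from the first line of `xz --version` output,
# e.g. "xz (XZ Utils) 5.4.6" -> "5.4.6". Reads stdin so it can be checked
# against a constructed line without xz installed.
xz_version_from_output() {
    sed -n '1s/.*) \([0-9][0-9.]*\).*/\1/p'
}

# Return 0 if the given sshd binary links liblzma (directly or via another
# shared library), 1 if it does not, 2 if the path is not an executable.
# A link to liblzma is what made the backdoor reachable from sshd.
sshd_links_liblzma() {
    sshd_path="$1"
    [ -x "$sshd_path" ] || return 2
    ldd "$sshd_path" 2>/dev/null | grep -q 'liblzma'
}

# Stand-alone use: inspect the local xz and sshd, skipping quietly when absent.
if command -v xz >/dev/null 2>&1; then
    ver=$(xz --version 2>/dev/null | xz_version_from_output)
    if xz_version_is_affected "$ver"; then
        echo "xz $ver: backdoored release, revert to an earlier unaffected version"
    else
        echo "xz $ver: not one of the named backdoored releases"
    fi
fi
for candidate in /usr/sbin/sshd /usr/bin/sshd; do
    if sshd_links_liblzma "$candidate"; then
        echo "$candidate links liblzma: the backdoor would have been reachable from sshd"
    fi
done
```

A clean version string is not by itself proof of safety, since distributions patch and renumber packages; the library linkage check is the one that tells you whether sshd on that host could have been affected at all.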
Subsequently, the investigation suggested the attack could be linked to advanced cyber-espionage operations, with speculation pointing to state actors such as Russia or even China.
So far, what is confirmed is that the infiltration of the XZ Utils project was orchestrated by an individual using the alias Jia Tan, who is believed to have gained the community's trust over time in order to carry out the attack. Curious, isn't it?