- 11:40Stellantis Shifts Gears: Morocco's Automotive Boom Raises Questions for European Manufacturing
- 11:25Elon Musk Increases Financial Incentive for Petition Supporting Constitutional Rights
- 11:15Morocco's Human Rights Council Pushes for Enhanced Protections in Strike Legislation
- 11:02Trump Claims Sinwar's Demise Paves the Way for Peace in Gaza, Plans Dialogue with Netanyahu
- 10:30Morocco's King Spearheads Major Administrative Overhaul with Key Appointments
- 10:06Venezuela Appoints Alex Saab as New Industry Minister Amid Political Turmoil
- 09:50Morocco's 2025 Financial Roadmap: King Mohammed VI Unveils Ambitious Plan for Economic Growth and Social Progress
- 09:38Drone Attack Targets Netanyahu's Residence Amid Escalating Tensions
- 09:12Morocco's Diplomatic Reshuffle: King Mohammed VI Appoints New Ambassadors in Strategic Move
Follow us on Facebook
The Specter of Cyber Piracy: How a Hacker Touched the Reins of the Internet
A real-life espionage thriller.
It's a chilling affair that raises serious concerns in the cybersecurity world. It all began in 2021 when a mysterious user operating under the pseudonym Jia Cheong Tan started to get involved in the open-source project XZ Utils, a highly popular compression tool on Linux. Over the next three years, this programmer made no less than 6,000 code modifications, skillfully concealing a backdoor that could have allowed malicious actors to access hundreds of millions of websites worldwide.
The discovery of this intrusion was almost accidental. Andres Freund, an engineer at Microsoft, noticed that the remote connection protocol of a variant of Linux Debian was unusually slow. His meticulous investigation eventually uncovered this unprecedented security flaw.
Since this revelation, the cybersecurity world has been in turmoil, determined to uncover the identity of this mysterious Jia Tan. According to Costin Raiu, head of the global research and analysis team at the Russian cybersecurity company Kaspersky, it could be a state-sponsored group with substantial resources to infiltrate essential open-source projects over the long term.
"This is a more cunning attack than any previous attacks on software supply chains. This attack was more sophisticated than anything I have seen before," he said, citing China, Russia, or North Korea as potential sponsors.
Regardless, this hacker (or group of hackers) demonstrated remarkable discretion, using a VPN and a Singaporean IP address for each communication. A looming shadow that briefly grazed the control of the global web before narrowly being uncovered.