The Specter of Cyber Piracy: How a Hacker Touched the Reins of the Internet
A real-life espionage thriller.
It's a chilling affair that raises serious concerns in the cybersecurity world. It all began in 2021, when a mysterious user operating under the pseudonym Jia Cheong Tan started to get involved in the open-source project XZ Utils, a highly popular compression tool on Linux. Over the next three years, this programmer made no fewer than 6,000 code modifications, skillfully concealing a backdoor that could have allowed malicious actors to access hundreds of millions of websites worldwide.
The discovery of this intrusion was almost accidental. Andres Freund, an engineer at Microsoft, noticed that the remote connection protocol on a variant of Debian Linux was unusually slow. His meticulous investigation eventually uncovered this unprecedented security flaw.
Since this revelation, the cybersecurity world has been in turmoil, determined to uncover the identity of this mysterious Jia Tan. According to Costin Raiu, head of the global research and analysis team at the Russian cybersecurity company Kaspersky, it could be a state-sponsored group with substantial resources to infiltrate essential open-source projects over the long term.
"This is a more cunning attack than any previous attacks on software supply chains. This attack was more sophisticated than anything I have seen before," he said, citing China, Russia, or North Korea as potential sponsors.
Regardless, this hacker (or group of hackers) demonstrated remarkable discretion, using a VPN and a Singaporean IP address for each communication: a looming shadow that briefly grazed control of the global web before being narrowly uncovered.