
😟 Security Experts Terrified By SSH Vulnerability. Here’s What We Know

Tom Smykowski
8 min read · Apr 3, 2024

The vulnerability triggered in SSH can allow hackers to take over servers. Security experts are terrified. It’s possible the attack took over two years and required a lot of resources and technical skills.

For the last week, everyone has been talking about the vulnerability triggered in SSH. Usually the descriptions of it are quite complicated. Is it just another hole in some random app? If so, why is the cybersecurity community so concerned about this one, and why are online forums full of terrified security experts? Let’s find out!

As we can read on wiz.io, a backdoor was found in versions 5.6.0 and 5.6.1 of xz utils, and it impacted SSH. According to the same source, xz is a command-line compression tool that consists of lzma and xz.

On Friday, 29 March, 2024, Andres Freund sent an email to the Openwall mailing list. A mailing list is like Discord for tech-savvy people, while Openwall is a project to secure open source code.

It’s there that Andres shared his troubling findings.

The Server Takeoff

He was doing some work with the Secure Shell Protocol (SSH). SSH is what a fork is to spaghetti for literally everyone who has to connect to a server. Developers, DevOps, SecOps and everyone else in tech use SSH to connect safely to servers. Even servers use SSH to connect to other servers.

So Andres was doing his normal tech things, but something was off, and it was not only the price of olive oil in 2024. When he logged in to a server with SSH, the server started to prepare for a takeoff.

Login attempts were slower by 500 milliseconds

The fans were spinning faster and faster, and the server, usually silent, started to slurp and burp. In such moments people check whether they forgot to close the Windows Clock app, that CPU-hungry beast.
