• dan@upvote.au
    link
    fedilink
    arrow-up
    34
    ·
    edit-2
    8 months ago

    That could be part of their plan though… Make people think they’re from China when in reality they’re a state-sponsored actor from a different country. Hard to tell at this point. The scary thing is they got very close to sneaking this malware in undetected.

    A lot of critical projects are only maintained by one person who may end up burning out, so I’m surprised we haven’t seen more attacks like this. Gain the trust of the maintainer (maybe fix some bugs, reply to some mailing-list posts, etc), take over maintenance, and slowly add some malware one small piece at a time, interspersed with enough legit commits that you become one of the top contributors (and thus people start implicitly trusting you).

      • psmgx@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        Heavily, aggressively involved in cyber activities. Previous Chinese attempts were unveiled by similar small gotchas.

        Arguably that’s hard to prove, and it could be NK, India, the NSA, etc., but it’s not hard to believe this was part of another stream of attempts. Low ball, give it to the new guy, sorts of stuff.

        US fed gov loves redhat for example, and getting into Fedora is how you get into RHEL