Linux vulnerable to PRISM

I compile a backdoor into some Open Source code - that means the Open Source code is vulnerable? Don’t really understand that.

I thought that PRISM was the name of an NSA spy program. The description in “HackRead” mentions that “VirusTotal” doesn’t detect open source “backdoor” … (I, for privacy reasons, never use a website to detect viri on my computer.) is a bit vague. What is so special about an “open source” backdoor? I use ssh if needed, widely available :innocent:

1 Like

It’s just a convenience. If you are in the hacking business (government or other criminal organisation), you can git clone the backdoor code. However this article is talking about a variant i.e. where someone may have cloned the source code but then made enhancements - and then selfishly not pushed the enhancements back to the original. :rofl:

None of this really means much unless you can compromise the target system in order to install the backdoor in the first place.

The original article has much more detail: https://cybersecurity.att.com/blogs/labs-research/prism-attacks-fly-under-the-radar

Monitoring the malicious actor in this way allows security people to get an idea of when the software started to be used, how much, and when and whether it has been extinguished (as being too widely detected). I think the main point is that it is still being used after quite a few years but is flying under the radar.

You can see from the actual article that at least one Linux user in the world has been hit by malware using this backdoor.

I think the topic title is somewhat misleading.

2 Likes