undefined | Better HN

0 pointstravem2y ago0 comments

Interesting, I used https://ossinsight.io/analyze/JiaT75 to identify contributions from the account used by author of the backdoor. It looks like the account made other potentially problematic contributions to other projects.

The disabling of ifunc in this PR against Google's oss-fuzz project maybe one way they tried to prevent this particular backdoor being flagged by that tool? https://github.com/google/oss-fuzz/pull/10667

0 comments

mxmlnkn2y ago

There is a related issue for LLVM/clang by this person:

https://github.com/llvm/llvm-project/issues/63957

est2y ago

I am curious, why don't this clever hacker create multiple accounts instead of only this "JiaT75"

j / k navigate · click thread line to collapse

0 comments

mxmlnkn2y ago

There is a related issue for LLVM/clang by this person:

https://github.com/llvm/llvm-project/issues/63957

est2y ago

I am curious, why don't this clever hacker create multiple accounts instead of only this "JiaT75"

j / k navigate · click thread line to collapse