IOC Radar
TLP:WHITE · 3 IOCs

XZ Backdoor: How to check if your systems are affected?

DCSO CyTec Blog
Published April 8, 2024

Attack Flow: 7 steps · MITRE ATT&CK mapped

Step 1/7: Initial Access (TA0001 · T1195), Supply Chain Compromise
Action: Compromise software repository
A malicious actor gradually gained trust and injected malicious code into the XZ Utils repository over two years.

Indicators of Compromise

Type  Indicator                                 Tags                     Confidence  Score  First Seen
CVE   CVE-2024-3094                             apt, espionage, exploit  Medium      51     Jun 2, 26
MD5   223949d5a074ebc3dce9ee78baad9e27          apt, espionage, exploit  Medium      53     Jun 2, 26
SHA1  328c52da8a2bbb81307644efdb58db2c422d9ba7  apt, espionage, exploit  Medium      53     Jun 2, 26