FILE PHOTO: Figurines with computers and smartphones are seen in front of the words “Cyber Security” in this illustration taken, February 19, 2024. REUTERS/Dado Ruvic/Illustration/File Photo
By Raphael Satter
WASHINGTON (Reuters) -The recent attempt by an unknown actor to sabotage a widely used software program may have been one of several attempts to subvert key pieces of digital infrastructure across the internet, two open source groups said in an alert published on Monday.
In a joint statement, the Open Source Security Foundation and the OpenJS Foundation said the attempt to insert a secret backdoor into XZ Utils – a little-known program that is baked into Linux operating systems across the world – “may not be an isolated incident.”
They said at least three different JavaScript projects were targeted by unnamed individuals demanding suspicious updates or asking to be made maintainers of the targeted software.
The JavaScript programming language powers much of the modern web and sees intensive use across the world. Omkhar Arasaratnam, the Open Source Security Foundation’s general manager, said that one of the targeted packages alone saw tens of millions of downloads a week.
He declined to identify the JavaScript projects by name, saying he wanted to protect an ongoing investigation.
Arasaratnam also said that while it wasn’t clear what the suspected malicious actors were hoping to do – “we stopped them before they got that far” – he suspected they hoped to build backdoors into those projects as well.
The OpenJS and Open Source Security Foundations said they had warned the U.S. Cybersecurity & Infrastructure Security Agency about the suspected infiltration. The agency did not immediately return a message seeking comment.
(Reporting by Raphael Satter; Editing by Josie Kao and Leslie Adler)
News Related-
Pedestrian in his 70s dies after being struck by a lorry in Co Laois
-
Vermont shooting updates: Burlington police reveal suspect’s eerie reaction to arrest
-
Grace Dent says her ‘heart is broken’ as she exits I’m A Celebrity early
-
Stromer’s ST3 Urban E-Bike Goes Fancy With Minimalist Design, Modern Tech
-
Under-pressure Justice Minister announces review of the use of force for gardaí
-
My appearance has changed because of ageing, says Jennifer Lawrence
-
Man allegedly stabbed in the head during row in Co Wexford direct provision centre
-
Children escape without injury after petrol bomb allegedly thrown at house in Cork City
-
Wexford gardai investigating assault as man is bitten in the face during Main Street altercation
-
Child minder’s husband handed eight year sentence for abusing two children
-
The full list of the best London restaurants, cafes and takeaways revealed at the Good Food Awards
-
Mazda CEO Says EVs 'Not Taking Off' In The U.S.—Except Teslas
-
Leitrim locals set up checkpoint to deter asylum seekers
-
Ask A Doctor: Can You Get Shingles More Than Once?