Security researchers at Binarly have discovered that the sophisticated supply chain hack still exists in publicly accessible Docker images on Docker Hub, more than a year after the startling revelation of the XZ Utils backdoor in March 2024.
The backdoor, attributed to a pseudonymous developer known as ‘Jia Tan’ who infiltrated the XZ Utils project over two years, was embedded in versions 5.6.0 and 5.6.1 of the lossless compression library.
This malicious code targeted the liblzma.so shared object, which integrates with OpenSSH servers, enabling unauthorized remote access through a chain of hooks on critical functions like RSA_public_decrypt, RSA_get0_key, and EVP_PKEY_set1_RSA.
Lingering Threat in Debian-Based Containers
The implantation leveraged GNU Indirect Function (IFUNC) resolvers to tamper with control flow in lzma_crc32 and lzma_crc64, allowing runtime interception and payload execution within the sshd process.
Initially distributed in major Linux distributions such as Debian, Fedora, and OpenSUSE, the backdoor posed severe risks to cloud infrastructure and embedded systems, prompting urgent rollbacks and community-driven mitigations.
Binarly’s recent analysis, conducted on a 15TB dataset of Docker images, revealed that at least 12 Debian-based images built around March 11, 2024, for architectures like amd64 still harbor the backdoored liblzma.so.
These include tags such as unstable-20240311, trixie-20240311-slim, and sid-20240311, identifiable by specific manifest digests and blob hashes that match known malicious artifacts uploaded to VirusTotal.
Alarmingly, these compromised base images have propagated transitively, infecting over 35 second-order images across repositories like buildpack-deps, neurodebian, and others used in development, CI/CD pipelines, and potentially enterprise environments.
For instance, images in the makepad/opencv repository, including trixie-4.9.0 and trixie-slim-4.9.0, inherit the backdoor, as do those in myoung34/github-runner and controlplane/sectools.
While Binarly’s scan was limited to Debian artifacts due to historical data availability on Docker Hub, the potential spread to Fedora and OpenSUSE-derived containers remains unassessed, highlighting gaps in ecosystem-wide visibility.
Software Supply Chain Security
The persistence of these backdoored images underscores the challenges in eradicating supply chain threats, even after widespread awareness.
Binarly notified Debian maintainers in an attempt to prompt removal, but the artifacts remain accessible, with maintainers citing that users should prioritize up-to-date builds.
This stance overlooks the risks of inadvertent pulls in automated workflows or legacy systems, where exploitation could occur if attackers with the backdoor’s private key gain network access to SSH services.
The backdoor’s design, involving state-sponsored sophistication with multi-year planning and reusable IFUNC hooking techniques, suggests it may not be an isolated incident, potentially repurposed in other attacks.
To combat such threats, Binarly has enhanced its Transparency Platform with static analysis for detecting anomalous IFUNC resolvers and ELF file modifications, achieving near-zero false positives.
This technology powers the free XZ.fail scanner, which identifies control flow tampering without relying on brittle methods like hash matching or YARA string constants that falter against recompiled variants.
The platform’s recent integration of a YARA Rule Playground further enables rapid scanning of software portfolios for custom rules, aiding in proactive remediation.
This discovery emphasizes the need for continuous binary-level monitoring in container registries, as short-lived compromises can endure and amplify through layered dependencies, exposing vulnerabilities in modern DevOps practices.
As supply chain incidents proliferate, tools like these are essential for reducing attack surfaces and ensuring resilient ecosystems.
AWS Security Services: 10-Point Executive Checklist - Download for Free
Source link
