GitHub Restores Access to XZ Utils Repository

A week after finding a malicious backdoor, GitHub has safely restored access to the XZ Utils repo for developers worldwide.

A well-planned and long-prepared attempt to embed malicious code into the Linux XZ Utils package has emerged as one of this year’s most significant stories in the open-source community.

This sophisticated attack aimed to enable remote unauthorized access via SSH, potentially affecting a broad spectrum of Linux distributions. Unfortunately, this incident casts a shadow over the ecosystem, marking a moment that will be discussed for years.

Consequently, GitHub temporarily disabled access to the XZ Utils repository 24 hours after the backdoor's discovery. However, access has since been restored, and the repository is again open for developers looking to commit code.

Additionally, Lasse Collin, one of the lead developers involved, has had his account reinstated after it was recently banned pending further investigation. What captures more attention, however, is the status of the JiaT75 (Jia Tan) account, the main suspect behind the intentional backdoor.

As anyone can see, the account is still included in the list of XZ Utils contributors on GitHub. The man behind it spent more than two years contributing code with remarkable patience and diligence (always, as it turns out, through a VPN connection), aiming to build trust before striking his final blow.

JiaT75's account on GitHub.

So, who is JiaT75? Well, that’s the million-dollar question that even the world’s leading cybersecurity experts still cannot answer. The consensus leans towards Jia Tan being a facade for a nation-state actor, a phantom identity masking a collective of individuals.

According to information posted on X by Andy Greenberg, a senior writer for WIRED covering hacking, cybersecurity, and surveillance:

“We dug into the mystery of ‘Jia Tan,’ the polite, conscientious volunteer coder who inserted a surprisingly sophisticated backdoor into XZ Utils—and is most likely the persona of a state-sponsored hacking group based in an Eastern European time zone.”

Having prepared for years, this group nearly pulled off what might have been the biggest breach in Linux, which, thanks to Andres Freund, a software engineer at Microsoft, did not take place.

Despite the challenges, however, there’s always a silver lining. First, code contributed to the open-source ecosystem will be handled with greater caution. Second, jokingly or not, from this point forward, contributing code and communicating with a project’s collaborators through an established VPN connection will inevitably trigger a big red alert.

At the same time, GitHub’s XZ Utils repository and the account of its lead developer, Lasse Collin, have been unblocked, allowing work on the project to continue.

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.
