Slanderous Media Campaigns Trying to Link Linux to 'Backdoors'

posted by Roy Schestowitz on Sep 23, 2023,
updated Sep 23, 2023

THE media sucks. Today's media sucks even more. Backdoors are typically things that exist by design or get added intentionally (ask Microsoft!), but when it comes to "Linux" in the media the rules are different. Apparently, or so we're told, if I choose "goodmorning" as my password and something then happens (e.g. malicious actor "breaking in" with "goodmorning", in turn installing a Remote Access Trojan), then Linux has a "backdoor". This sort of misframing tends to distract from the real issue, such as governments mandating the "weakening" (i.e. undermining, it's just a euphemism) of encryption or, by extension, basic system safeguards.

Looking around news regarding China this past week, it seems apparent that Western authorities remain concerned about Beijing's (or Bytedance's) TikTok [1], "Five-Eyes" (six if one counts Japan) remain wary of the Chinese military [2], and Snowden's NSA leaks are re-used by China to play the "victim card" for Huawei [3]. What's upsetting though is the latest nonsense [4] from linuxsecurity.com -- a site that we criticised here many times before.

Basically, Microsoft's proprietary hosting (GitHub) serves malicious software (again!) and we're meant to think this means "Never-Before-Seen Linux Backdoor". How about this for a headline: Microsoft is distributing attack code against Linux using its servers. Mind the opening sense: "The new backdoor originates from a Windows backdoor named Trochilus."

The title ought to focus on Windows and Microsoft, not Linux. And this isn't about a "Linux Backdoor". But good luck lecturing the media composed by non-Linux users (in this case, a marketing person, Brittany Day), projecting Windows problems onto "Linux". Nice clickbait you got there, though. █

Related/contextual items from the news:

1. TikTok Is Hit With $368 Million Fine Under Europe’s Strict Data Privacy Rules

   European regulators slapped TikTok with a $368 million fine for failing to protect children’s privacy, the first time that the popular short video-sharing app has been punished for breaching Europe’s strict data privacy rules.

2. Australia boosts maritime surveillance with drones, aircraft upgrades

   Australia will spend A$1.5 billion ($966 million) to boost maritime surveillance of its northern approaches, buying more long range drone aircraft and upgrading Poseidon maritime patrol aircraft.

3. China resurrects old charges of NSA breaking into Huawei servers

   China has resurrected charges that go back more than a decade, accusing the NSA of hacking into the servers of telecommunications equipment vendor Huawei Technologies from 2009 onwards.

4. Chinese Hackers Have Unleashed a Never-Before-Seen Linux Backdoor

   The new backdoor originates from a Windows backdoor named Trochilus, which was first seen in 2015 by researchers from Arbor Networks, now known as Netscout. They said that Trochilus executed and ran only in memory, and the final payload never appeared on disks in most cases. That made the malware difficult to detect. Researchers from NHS Digital in the UK have said Trochilus was developed by APT10, an advanced persistent threat group linked to the Chinese government that also goes by the names Stone Panda and MenuPass.