Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
MSCI Announces the Results of the MSCI 2026 Market Classification Review24.6.2026 00:42:00 EEST | Press release
MSCI released the results of the MSCI 2026 Market Classification Review. Key takeaways from this year's review include: Reclassification of Bulgaria from Standalone to Frontier Market status Assessment of shareholder transparency and coordinated trading concerns in the Indonesian and Turkish equity markets, acknowledging the announced steps undertaken by both markets to address these matters and noting the continued potential for future consultations on the appropriate treatment of these markets if credible progress is not observed Acknowledgement of the removal of floor prices in Bangladesh, with a caution that any reintroduction could prompt a consultation on reclassification from Frontier to Standalone Market status Ongoing monitoring of the implementation of measures aimed at improving the accessibility of the Korean equity market for international institutional investors Reminder on the reclassification of Greece from Emerging to Developed Market status at the May 2027 Index Revie
Elliptic Intelligence Used by the FBI in Action Against Huione, the $134 Billion Criminal Marketplace and Money Laundering Operation24.6.2026 00:28:00 EEST | Press release
Elliptic, the global leader in digital asset decisioning, today announced that its intelligence was used by the Federal Bureau of Investigation in today's action against the operators of Huione Group. The Justice Department announced the seizure of a cloud computing account used by subsidiaries of the Huione Group, a Cambodia-based corporate conglomerate. First exposed by Elliptic in July 2024, Huione Guarantee was a Telegram-based marketplace serving online fraudsters across Southeast Asia. Merchants sold money laundering services, stolen personal data, websites and other goods and services necessary to perpetrate so-called “pig-butchering” scams and other online fraud., By the time Huione was forced offline, it had received more than $31 billion in cryptoasset transactions, making it the largest illicit online marketplace ever recorded, more than 25 times larger than Silk Road and AlphaBay combined. Huione Group’s payments arm, Huione Pay, was also implicated in the laundering of pro
Rockwell Automation Site Named a World Economic Forum Global Lighthouse24.6.2026 00:13:00 EEST | Press release
Rockwell Automation, Inc. (NYSE: ROK), the world’s largest company dedicated to industrial automation and digital transformation, today announced its Singapore manufacturing facility has been named a member of the Global Lighthouse Network by the World Economic Forum (WEF). The designation recognizes this facility for applying advanced technologies at scale to deliver measurable improvements in productivity, quality and workforce enablement. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260623794856/en/ Rockwell Automation Site Named a World Economic Forum Global Lighthouse Rockwell’s Singapore site was recognized with distinction in the productivity category, reflecting its transformation into a highly flexible, data-driven operation. By deploying more than 50 digital and AI-enabled solutions - including intelligent automation, AI-driven quality control and predictive maintenance - the facility improved output efficiency,
NIKE, Inc. Announces Planned CFO Transition23.6.2026 23:17:00 EEST | Press release
NIKE, Inc. (NYSE:NKE) today announced that David M. Denton will join the company as Executive Vice President and Chief Financial Officer, effective August 17. Matthew Friend will step down as Executive Vice President and Chief Financial Officer at that time and remain with the company through September 4 to support an orderly transition. Friend will participate in the company’s fourth quarter fiscal 2026 earnings call on June 30, as planned. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260623328558/en/ David M. Denton | Incoming Executive Vice President & Chief Financial Officer, NIKE, Inc. Denton will lead Nike’s global finance organization, partnering with President and Chief Executive Officer Elliott Hill and the Senior Leadership Team to support disciplined execution, capital allocation, and long-term value creation. “Dave is a proven public-company CFO who knows how to help great consumer brands operate with disciplin
Grid Dynamics Hosted XT26, Convening Capital Markets Technology Leaders on the Volatility of AI in Financial Services23.6.2026 23:05:00 EEST | Press release
Grid Dynamics Holdings, Inc. (Nasdaq: GDYN) (“Grid Dynamics”), a premier AI transformation partner for the Fortune 1000, hosted XT26. The invite-only conference convened over 250 senior technology leaders from banking, hedge funds, and capital markets at Tower Hill, London. Now in its 10th year, the XT conference series has grown into one of financial services engineering's most respected peer forums in London, built on a single premise: pure thought leadership grounded in real-world experience, with no sales pitches, and no vendor presentations. Just practitioners who are actually doing the work. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260623112231/en/ Simone Steel speaking at XT26 The event included speakers and delegates from organizations including Bank of America, Citi, HSBC, UBS, RBC, Barclays, JP Morgan, Morgan Stanley, NatWest, Meta, FINOS, and Griffin Bank, among others. With a focus on the volatility of AI i
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom