Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Belkin Expands Nintendo Switch 2 Accessories Ecosystem With New Charging Grip and Travel Bag4.6.2026 19:00:00 EEST | Press release
Today, Belkin, a leading consumer electronics brand for 40 years, announced the expansion of its Nintendo Switch 2 accessories ecosystem with the launch of the GamingCharging Grip for Nintendo Switch 2 and Gaming Travel Bag for Nintendo Switch 2. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260604082278/en/ Belkin expands Nintendo Switch 2 accessories ecosystem with new Charging Grip and Travel Bag Following the January debut of the award-winning Charging Case Pro, the new accessories build on Belkin’s growing gaming portfolio, offering players more ways to power, protect and carry their gaming essentials wherever they play. After entering the gaming accessories category in June 2025, Belkin continues to expand its ecosystem with thoughtfully designed products that combine premium materials, practical innovation and trusted performance. The latest additions are designed to elevate handheld gameplay and make gaming on the g
DEWA Opens Registration for WETEX 20264.6.2026 18:55:00 EEST | Press release
Dubai Electricity and Water Authority (DEWA) has opened registration for the 28th edition of the Water, Energy, Technology and Environment Exhibition (WETEX), which will take place from 20 to 22 October 2026 at the Dubai World Trade Centre. One of the leading specialised exhibitions of its kind in the world and the largest in the region, WETEX is convened by DEWA under the directives of HH Sheikh Mohammed bin Rashid Al Maktoum, Vice President and Prime Minister of the UAE and Ruler of Dubai, and the patronage of HH Sheikh Ahmed bin Saeed Al Maktoum, Chairman of the Dubai Supreme Council of Energy. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260604642265/en/ DEWA opens registration for WETEX 2026 (Photo: AETOSWire) WETEX covers a wide range of sectors, including energy, water, environment, green development, digital transformation, artificial intelligence (AI), sustainability, decarbonisation, green mobility, green hydroge
LotusFlare’s DNO™ Cloud Powers the Launch of Pi in South Africa4.6.2026 18:49:00 EEST | Press release
LotusFlare, a leading provider of cloud-native, AI-driven digital commerce and monetization platforms for communications service providers (CSPs), today announced its partnership with MTN South Africa to power the launch of its new digital brand, Pi. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260604149542/en/ At the core of Pi is LotusFlare’s DNO™ Cloud—a fully digital, cloud-native BSS platform that enables delivering a seamless, app-first customer experience at scale. From onboarding to plan management, Pi customers can access 5G mobile, fixed wireless, and travel eSIM services within minutes—without contracts, credit checks, or call centres—through a single, intuitive interface. DNO™ Cloud underpins the entire Pi ecosystem, including front-end digital experiences, product catalog, order management, converged charging, billing, and eSIM orchestration. Deployed on public cloud infrastructure in compliance with South Afr
INRIX Sets the Standard for Predictive and Accurate Parking Intelligence4.6.2026 18:42:00 EEST | Press release
INRIX, Inc., a global leader in transportation intelligence, today announced a significantly expanded deployment of its predictive parking and curb intelligence platform, reinforcing its position as the industry’s most comprehensive and decision-grade parking intelligence solution for automotive OEMs, cities, and mobility platforms worldwide. INRIX provides real world coverage based on how parking actually works on-street, off-street, dynamic availability and driver behavior. Others count locations. INRIX understands parking ecosystems. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260604808273/en/ Parking Intelligence for a New Era of Mobility Parking Intelligence for a New Era of Mobility Parking data has traditionally been evaluated based on volume, how many locations are listed, or how many attributes are captured. But as mobility evolves, these metrics are no longer sufficient. INRIX is redefining the category by prior
Steady concentration PD with the Carry Life UF system increased ultrafiltration nearly threefold and sodium removal nearly tenfold vs 2.5% dextrose CAPD, while improving glucose efficiency and supporting enhanced fluid management in PD patients4.6.2026 17:45:00 EEST | Press release
Triomed AB today announced positive results from a prospective, multicenter, randomized, crossover study evaluating steady concentration peritoneal dialysis using the Carry Life UF system in adult patients undergoing CAPD. The study demonstrated significant improvements in ultrafiltration, peritoneal sodium removal and glucose ultrafiltration efficiency (ultrafiltration volume in relation to glucose absorption) compared with standard 2.5% dextrose CAPD in the home setting over four weeks. The study results were presented as a Focussed Oral presentation based on a late-breaking clinical trial abstract at the European Renal Association (ERA) Congress in Glasgow, United Kingdom, and simultaneously published in the Journal of the American Society of Nephrology (JASN). In this study, participants received their standard CAPD treatment during the control arm, whereas in the Carry Life UF arm, one daily 2.5% dextrose exchange was replaced by a Carry Life UF treatment three days per week, and
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom