Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Special Olympics Airlift Takes Flight Nationwide; Dove 1 Arrives at St. Paul Downtown Airport19.6.2026 18:09:00 EEST | Press release
The 2026 Special Olympics Airlift officially took flight today as all participating Cessna, Beechcraft and Hawker aircraft, known as Doves, departed from airports across the country. Dove 1 for arrival day, a Cessna Citation Latitude generously operated by Prent Corporation, landed at St. Paul Downtown Airport (STP) carrying Special Olympic athletes and delegation members, signaling the start of Airlift arrivals for the Special Olympics USA Games. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260619085293/en/ Special Olympics Airlift takes flight nationwide; Dove 1 arrives at St. Paul Downtown Airport (Photo credit: Textron Aviation). The arrival signals the start of the world’s largest cumulative peacetime airlift spanning more than 40 years, a coordinated aviation effort organized by Textron Aviation, a Textron Inc. (NYSE: TXT) company, that transports hundreds of Special Olympics athletes and coaches from multiple states
Record Currency Management Participates in Innovative European Bank for Reconstruction and Development (EBRD) -Backed Mongolian Tugrik Transaction19.6.2026 17:53:00 EEST | Press release
Record Currency Management Ltd (RCM), subsidiary of London-listed Record plc (Record Financial Group), is pleased to announce its participation in an innovative local currency bond transaction issued by the European Bank for Reconstruction and Development (EBRD), supporting the development of Mongolia's capital markets while providing institutional investors with access to attractive frontier market opportunities. RCM is the UK currency management arm of Record Financial Group, the London-listed specialist investment group managing USD 115 billion of assets on behalf of institutional clients worldwide. Record's client base comprises pension funds, foundations, sovereign institutions and other asset managers, with whom the Group has built long-standing relationships through its focus on bespoke investment and risk management solutions. Headquartered in London, Record has offices in Hamburg, Zurich, Zug, New York, and Hong Kong. The investment forms part of Record Financial Group's broad
Plasma One Launches to Herald a New Era of Stablecoin Banking19.6.2026 15:29:00 EEST | Press release
Plasma has today announced the launch of Plasma One, its flagship financial product designed to make digital dollars usable for everyday spending, sending and earning. Plasma One is designed to make stablecoins feel like money, only better - more accessible, reliable and efficient. For years, stablecoin adoption has been held back by a fragmented system and poor user experience. We have seen wallets in one place, exchanges in another, and costly off-ramps standing between digital dollars and daily life. Plasma One brings that experience together in a single app, giving users a simple way to spend, send and earn with stablecoins from one account with zero fees. Headquartered in London, the city that gave rise to Revolut, Wise and Monzo, Plasma is making a bigger bet, that the next generation of consumer banking will be built on stablecoin rails, not legacy banking infrastructure. Underneath Plasma One is the Plasma Network, Plasma’s own blockchain, purpose-built to move stablecoins inst
IQM Appoints Craig Ciesla, Former Illumina VP, as CTO; Inés de Vega Becomes Chief Scientist19.6.2026 10:00:00 EEST | Press release
IQM Quantum Computers, the global leader in superconducting quantum computers, today announced the appointments of Dr. Craig Ciesla as Chief Technology Officer (CTO) and Dr. Inés de Vega as Chief Scientist, as she transitions from her role as Vice President of Quantum Solutions, deepening IQM´s leadership as the company prepares for its planned Nasdaq listing through a merger with Real Asset Acquisition Corp. (Nasdaq: RAAQ). This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260619693929/en/ From left to right: Dr. Inés de Vega, Chief Scientist, and Dr. Craig Ciesla, Chief Technology Officer. Ciesla, an experienced deep tech executive with more than 25 years delivering products across multiple industries from startups to Fortune 500 companies, will advance IQM's technology strategy and drive its implementation into systems and products. De Vega, meanwhile, will be responsible for ensuring scientific feasibility and system-level
Teijin Receives Approval for Additional Indications of XEOMIN ® for Cervical Dystonia and Blepharospasm in Japan19.6.2026 10:00:00 EEST | Press release
Teijin Pharma Limited, the core company of the Teijin Group’s healthcare business, and Merz Therapeutics GmbH, a leading player in neurology-focused specialty pharma, jointly announced today that Japan’s Ministry of Health, Labour and Welfare (MHLW) has approved the additional indications for XEOMIN® (incobotulinumtoxinA) for the treatment of cervical dystonia and blepharospasm. This approval represents the fourth and fifth indications for XEOMIN® authorized in Japan, alongside its existing approvals for the treatment of upper limb spasticity, lower limb spasticity and chronic sialorrhea. Cervical dystonia is a focal dystonia characterized by involuntary contractions of the neck muscles, resulting in abnormal or repetitive movements and postures.1 Blepharospasm is also a focal dystonia, characterized by excessive involuntary contractions of the muscles surrounding the eye.2 Both conditions significantly impact patients’ quality of life. The approval by MHLW is based on Phase III clinic
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom