Binarly Releases Free Detection Tool for XZ Backdoor

1.4.2024 23:39:00 EEST | Business Wire | Press release

Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).

The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).

According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.

“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.

“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.

For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.

The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.

For more information read our research article and access the free XZ backdoor scanner at XZ.fail.

About Binarly:

Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/

Contact information

media@binarly.io
818.351.9637

About Business Wire

Business Wire

http://www.businesswire.com

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Compass Pathways Announces FDA Granted NDA Rolling Review Request and Awarded Commissioner's National Priority Voucher24.4.2026 17:37:00 EEST | Press release

Compass Pathways plc (Nasdaq: CMPS), a biotechnology company dedicated to accelerating patient access to evidence-based innovation in mental health, today announced the U.S. Food and Drug Administration (FDA) granted Compass NDA rolling review request and selected COMP360, Compass’ proprietary formulation of synthetic psilocybin, for the Commissioner's National Priority Voucher (CNPV) program for treatment-resistant depression (TRD). Companies selected for the voucher program will be entitled to benefits including enhanced communications and a shortened 1-2 month review time following filing of a New Drug Application (NDA), while maintaining FDA’s rigorous safety and efficacy standards. “We are honored and grateful to be selected for the CNPV which is a clear validation of both the urgent unmet need facing millions of people living with treatment resistant depression and the innovative science of COMP360,” said Kabir Nath, Chief Executive Officer of Compass Pathways. “As the most advan

Banma Intelligence and Alipay Launch AI Cockpit Solution Powered by Alipay AI Pay, Enabling Seamless and Secure In-Car Transactions by Voice24.4.2026 17:04:00 EEST | Press release

At the 2026 Beijing International Automotive Exhibition (“Auto China 2026”), OS and AI technology company Banma Intelligence and Alipay today launched a new AI cockpit solution integrating Alipay AI Pay, enabling drivers to complete purchases by voice command directly from their vehicle. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260424618328/en/ Industry-first AI Cockpit Solution with Alipay AI Pay Unveiled “In the past two years, smart cockpits have achieved rapid advances in perception and decision-making,” said Ming Cai, Banma Intelligence Chief Product Officer. “With large models onboard, vehicles can understand user intent and make recommendations. By integrating Alipay AI Pay into our AI cockpit solution, we are removing the last friction point in the in-car smart cockpit experience - drivers simply speak to pay, no phone required.” The new AI cockpit solution initially covers two high-frequency use cases: enterta

Spatial Announces the Release 2026 1.0.1: New Enhancements Across 3D InterOp, Data Prep, Meshing, and 3D Modeling SDKs24.4.2026 16:21:00 EEST | Press release

Spatial Corp., the leading software development kit provider for design, manufacturing and engineering solutions and a subsidiary of Dassault Systèmes, today announced new enhancements across several of its product lines. These updates further strengthen Spatial’s commitment to delivering high-performance solutions that optimize interoperability, data preparation, and advanced modeling workflows. Designed to improve efficiency and robustness across CAD translation, modeling, meshing, and simulation processes, the latest updates introduce expanded format support, enhanced PMI handling, and new capabilities for complex geometry processing. 3D InterOp NX Reader Enhancement for 2D Drawings The NX reader imports 2D drawings as visualization data from NX 2412 and later versions. glTF Writer Supports Draco Compression glTF export incorporates Draco compression for meshes and point-clouds to significantly reduce output file sizes. Enhanced Support for Reading Product Manufacturing Information

Meta Signs Agreement With AWS to Power Agentic AI on AWS Graviton Chips24.4.2026 15:10:00 EEST | Press release

Meta has signed an agreement to deploy AWS Graviton processors at scale. The deal marks a significant expansion of a long-standing partnership between the two companies as Meta builds its next generation of AI. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260424641117/en/ The deployment starts with tens of millions of Graviton cores, with the flexibility to expand as Meta's AI capabilities grow. The deal reflects a shift in how AI infrastructure gets built: while GPUs remain essential for training large models, the rise of agentic AI is creating massive demand for CPU-intensive workloads—real-time reasoning, code generation, search, and orchestrating multi-step tasks. Graviton5 is purpose-built for these workloads, giving Meta the processing power to run them efficiently at scale. The chips will power various workloads at Meta, including supporting the company’s AI efforts. That work requires infrastructure that can handle

Meta Signs Agreement With AWS to Power Agentic AI on AWS Graviton Chips24.4.2026 15:10:00 EEST | Press release

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom