Gregory's Server@BrodieOnLinux I wonder what software could that be.
>
This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
This sounds like a two-part attack. First compromise the library, and then βwaitβ for an update or so of another software using that library.
I wonder in what other application the attackers managed to hide the code that does the malicious things.