top of page

How a Hacker Almost Took Over…Everything?


CYBER THOUGHTS NEWSLETTER

MARCH 2024


Lucas Nelson of Lytical Ventures and Coinbase CSO Philip Martin will be at SuperVenture US West on April 8th, discussing how cybersecurity startups fill gaps in the fast-moving threat landscape. If you are interested in attending, use our code FKR3554EMSPN to save 20% on the ticket fee.














If you’re in the area please reach out and we can try to catch up.


Now, on to our regularly scheduled (often snarky) commentary. Let’s start with a classic:


If you get this joke, skip to the next paragraph. Still, here? Great! The point is that our modern computer systems are built on a lot of Open-Source code, much of which is maintained on a volunteer basis by folks toiling in obscurity. What could possibly go wrong?


The big news in the infosec community this past week has been the discovery of a back door in a somewhat obscure but highly used piece of software. The code in question compresses data, and it is used in all sorts of important places. One place it is used is in creating packages for SSH servers, secure access to systems used by administrators. An unknown actor created a backdoor in the xz package that might have allowed them to hack into systems using SSH. Which is pretty much everything of importance.


We say it might have allowed them since it was caught relatively early. To be vulnerable you’d have to be running the latest builds of the code which is in beta. But this isn’t a story about how good software processes caught the attention of the security gurus, rather it’s a story of getting extremely lucky. A Microsoft employee happened to be benchmarking his system at an incredibly granular level when he noticed his SSH server was acting funny. Rather than just moving on, he decided to dig in and uncovered the plot. To say that everyone got lucky is a large understatement. 


It turns out that a hacker spent over two years working their way onto the project, gaining trust, then inserting bugs to fix that would give cover for the malicious code. Finally they created other accounts to push for the inclusion of the “fixed” code into popular software distributions. It’s a long con and they almost got away with it.


This is noteworthy because it shows that software supply chain hacks are happening in the wild, and that we aren’t prepared for them. While we caught this one before it was widely deployed, there could be others we don’t know about already in production. 


Below are a few of the articles that caught our attention this month. Moreover, we’ve inserted one or two sentences in italics, summarizing each article’s importance. We hope you enjoy and appreciate the material.


Lastly, if you appreciate our highlighted content, please follow us on Twitter and LinkedIn, where we regularly post about things worthy of attention.



WHAT WE'RE READING

Here's a curated list of things we found interesting.


Linux xz Backdoor Damage Could be Greater Than Feared

See discussion above. 

A mysterious contributor who planted the backdoor helped maintain the widely used xz compression library for the past two years. So what else was hidden in there?





A Brazen Yogurt Heist Shows How Cyber Gangs Are Hijacking U.S. Goods

We just couldn’t resist the title “Brazen Yogurt Heist”. But seriously, we are seeing more sophisticated attacks that are being carried out in the physical world as well as online.

Thieves intercepted a refrigerated container bound for Florida and demanded a $40,000 ransom—part of a surge in fraud that has frustrated freight haulers.





Empire State of AI: New York’s Dynamic AI Community

With over 35 AI unicorns New York is quickly becoming a hot market for AI investing. We’ve been active in the space since we first raised, but it’s nice to see articles like this where others are taking notice.

New York is an emerging AI startup hub due to its diverse mix of industries, academic and corporate AI Labs, and the presence of local venture funds investing in AI.



TRANSACTIONS

Deals that caught our eye.


Amazon Writes Its Largest Venture Cheque Yet for AI Start-up Anthropic

Cybersecurity firm ZeroFox (Nasdaq: ZFOX), which markets itself as a provider of “external cybersecurity solutions”, has entered into a definitive agreement to be acquired by Haveli Investments, a tech-focused private equity firm, in an all-cash transaction with an enterprise value of roughly $350 million.



Zscaler buys Israeli cybersecurity co Avalor for $350m

Avalor was founded only two years ago and has raised $30 million to date.




PODCASTS

What we're listening to.


Cyber Thoughts Podcast; Episode 9 with Sameer Malhotra, Founder and CEO of TrueFort

In this Cyber Thoughts episode, Lucas Nelson sits with Sameer Malhotra, TrueFort's Founder and CEO, to explore his journey from the financial sector to cybersecurity innovation. Sameer discusses Truefort's genesis during a pivotal time in cyber defense, emphasizing their mission to halt lateral cyber threats through advanced technology. He also touches on the significance of partnerships, utilizing platforms for growth, and the evolving landscape of cybersecurity. Tune in for an enlightening conversation on navigating the startup world and envisioning the future of cyber protection.





ABOUT LYTICAL

Lytical Ventures is a New York City-based venture firm investing in Enterprise Intelligence, comprising cybersecurity, data analytics, and artificial intelligence. Lytical’s professionals have decades of experience in direct investing generally and in Corporate Intelligence specifically.

Comments


bottom of page