_Please_ do not advise people to run `xz --version` or similar to check whether they're affected or not.
Right now, as far as I know, the analysis of the obfuscated malware is far from complete. There may be other triggers. There may be malware in older versions, because the attacker had commit access for years.
By running xz and asking it for its version, you're _running_ what could be more malware.
Instead, ask the system's package manager which version of xz is currently installed.
#xz
scy /
npub15p…khvce
2024-03-30 10:46:23
in reply to nevent1q…6rw4
Author Public Key
npub15pc5vt5kqgr60g389gl4n5zzuktz8wezz76klym9ew3puy3p8clqckhvcePublished at
2024-03-30 10:46:23Event JSON
{
"id": "557bac2413cada47d3ce17fd5f14040531793b2260a164bd4cb64b596a453770",
"pubkey": "a071462e960207a7a2272a3f59d042e59623bb2217b56f9365cba21e12213e3e",
"created_at": 1711795583,
"kind": 1,
"tags": [
[
"t",
"xz"
],
[
"e",
"0c20d41053325b78821ff60f7857df03d44a12aefc72dd263ad1ddf85f335fae",
"",
"reply"
],
[
"e",
"04fe4e4b06f2b643cbb3af080959268ac763e11342c28ab114042675e37e8ae2",
"",
"root"
],
[
"p",
"a071462e960207a7a2272a3f59d042e59623bb2217b56f9365cba21e12213e3e"
],
[
"proxy",
"https://chaos.social/users/scy/statuses/112184235346016144",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://chaos.social/users/scy/statuses/112184235346016144",
"pink.momostr"
]
],
"content": "_Please_ do not advise people to run `xz --version` or similar to check whether they're affected or not.\n\nRight now, as far as I know, the analysis of the obfuscated malware is far from complete. There may be other triggers. There may be malware in older versions, because the attacker had commit access for years.\n\nBy running xz and asking it for its version, you're _running_ what could be more malware.\n\nInstead, ask the system's package manager which version of xz is currently installed.\n\n#xz",
"sig": "ebc0cbe970c272e5a0cbcafd3d829542539c67e67fd88ccc0d17f5989167b83699a3cfad4ae98a8bd46f3597a1ffb1dfbb4b199eb8771ed1f1d8e8ca3af82cc7"
}