OpenSSH was trojaned yesterday. There is not little authoritative information on the situation. What is known is that the original file was exchanged with a trojaned file and was discovered because it had a different MD5 checksum. . .
OpenSSH was trojaned yesterday. There is not little authoritative information on the situation. What is known is that the original file was exchanged with a trojaned file and was discovered because it had a different MD5 checksum.

The difference in the files says that it is not really a trojan because all it does is make a connection to 203.62.158.32 on port 6667. The difference is in the file:

openssh-3.4p1/openbsd-compat/Makefile.in

The tarball of OpenSSH on ftp.openbsd.org is trojaned. The backdoor is only used during the build. The binary affected is bf-test.c.

The Email message is available freebsd security.

The Advisory is available here.

The link for this article located at OpenSSH is no longer available.