Backdoor was intentionally planted in a Unix administration tool called Webmin. The vulnerability was a secret backdoor planted in the popular utility nearly a year before its discovery. Backdoor gave anyone with knowledge of its existence the ability to execute commands as root, meaning an attacker could take control of the targeted endpoint. Webmin said it would adopt new mitigations efforts such as:Updating the build process to use only checked-in code from Github, rather than a local directory that is kept in sync.
Source: https://threatpost.com/backdoor-found-in-utility-for-linux/147581/

