The attacker targeted

a rarely used software component, making detection unlikely

The attacker used

subtle, incremental modifications over an extended period to avoid suspicion

The backdoor was

embedded in widely used security software, making its impact far-reaching

The exploit was

immediately distributed across multiple Linux versions before detection