The following incident shows that the binary
sudo wrote to
ld.so.preload file, which is a special Linux system file that impacts the entire system. By editing the Linux dynamic loader or files relied upon by the loader such as
ld.so.preload, the attacker can inject malicious code to any binary execution.