n_toJa, huch - und wie findet man jetzt am besten raus, ob man betroffen ist?
UPDATE: Hier gibt es ein Skript zum prΓΌfen der installierten Pakete: https://www.reddit.com/r/linux/comments/1u3alhe/roughly_400_aur_packages_compromised/ (Danke @phillo !)
TROMMany AUR packages have been compromised - forum.tromjaro.com/t/many-aur-β¦
We explain how to check if you were infected.
#aur #aurexploit #linux #xfce #tromjaro #manjaro #foss #opensource #atomicarch
Many AUR packages have been compromised
You can read the entire thing here - Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit But basically it seems that hundreds of AUR packages that were not maintained in a while got βupdatedβ with a malicious code. The motive? To steal your data. Chromium based browsers were targeted. We use Firefox for TROMjaro, so all fine. Electron Based applications - could be Element or others - plus SSH keys, known_hosts, and shell histories. Read that article for more details...
Taffer π¨π¦
Anybody got a scanner or something for the Atomic Arch malware campaign?
Hackread.comπ£π¨ Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/
