Linux

13976 readers

378 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

174

Arch Linux AUR Malware Campaign Hits Multiple User-Contributed Packages (linuxiac.com)

submitted 3 days ago by cm0002@lemy.lol to c/linux@programming.dev

69 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] TheDuke@europe.pub 3 points 3 days ago (1 children)

Oh my, I'm new to Linux and I use CachyOS for my gaming rig at home. Most of the time I have no idea what I'm doing, but shit runs well and I'm happy about it. But how the hell do I check my noob ass if it's compromised?!

[–] FiniteBanjo@programming.dev 1 points 3 days ago* (last edited 3 days ago)

I'm not real clear on if this is the case but you could try:

Have you installed or updated from the AUR before, such as with Yay? Specifically after June 5th? If so, check this list or the post above for a list of compromised packages. https://gr.ht/aur_pkg_list.txt
Maybe pacman -Q | grep atomic-lockfile because that appears to be what the threat actor is installing but I'm not really sure if that's how it works...?