Submission + - Arch Linux isnâ(TM)t immune: Malware found hiding in AUR packages (nerds.xyz)
BrianFagioli writes: Arch Linux just reminded us all of an uncomfortable truth: Linux isnâ(TM)t bulletproof when it comes to malware.
Earlier this week, three malicious AUR packages slipped into the ecosystem. The names might look familiar: firefox-patch-bin, librewolf-fix-bin, and zen-browser-patched-bin. Each one was quietly laced with a script that fetched a Remote Access Trojan (RAT) from a GitHub repository.
The packages were uploaded by the same user and lingered on the AUR for roughly two days. Arch acted quickly once the issue came to light. As of today, the bad packages have been fully removed from the AUR. But if you installed any of them, the damage might already be done.
Earlier this week, three malicious AUR packages slipped into the ecosystem. The names might look familiar: firefox-patch-bin, librewolf-fix-bin, and zen-browser-patched-bin. Each one was quietly laced with a script that fetched a Remote Access Trojan (RAT) from a GitHub repository.
The packages were uploaded by the same user and lingered on the AUR for roughly two days. Arch acted quickly once the issue came to light. As of today, the bad packages have been fully removed from the AUR. But if you installed any of them, the damage might already be done.