442
400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealers
(cybersecuritynews.com)
This is a most excellent place for technology news and articles.
Ok, but I was expecting something a bit more automated then opening a list of package in kate and comparing it to my list of installed AUR package... Plus it's 400 package so that's a lot of things to check and plenty of space to miss one package by manually checking.
But I get it I'm lazy and just need to script something myself. This is affecting so many people I thought we would have a script to check quickly if you are "infected".
Edit : thanks for the numerous script sent as reply ! But I'm all set now, thanks !
It took Arch ~19 years just to get
archinstall.Something tells me there won't be a script.
The link is a script
A lot of those 19 years were times where only nerds used arch.
Arch had curses based installator for a long time, it became unmaintained.
CachyOS community seems to have a detection script, I have not vetted this run at your own discretion.
https://discuss.cachyos.org/t/aur-compromised-400-packages-affected-20260611/31040
Here's a script:
https://gist.github.com/Kidev/59bf9f5fb53ab5eee99f19a6a2fc3992
You could probably find it on aur lmao
I haven't used kate but does it not have some sort of easy search?
ex. pacman -Qm to list AUR packages; should display the 3/4 pkgs you have installed. Then just search in kate for those 3/4 results?
Alternatively cat & grep in the terminal is pretty straight forward.
That is if it's 3/4 pkgs that are from AUR, but if someone has hundreds installed that is a bigger issue on its own.
Damn how long is the list when you
Am I missing something ?
Just because I have 3/4 package on my system doesn't mean the 400+ list of affected package gets shorter on the other side...
I'm actually pretty cautious with AUR and I only install them when there is no other options.
Especially for a small list, 3-4, that you actually need to check, what's the actual issue? Open list of 400, ctrl+f for the few names you care about, move on.
I was just curious because I didnt think it was so tediuous to check against an alphabetical list on a website using ctrl+f. But thats just me. It took me less than a minute to check my 8 aur packages against the list