46
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
(thehackernews.com)
Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).
This community is automagically fed by an instance of Dittybopper.
Commenting rules:
What does this mean for the average dumbass like me?
Also, if you're running an arch based system and you're worried, in the terminal you can run:
pacman -Qm
to display what're considered foreign packages that your system has installed and cross reference them, if any, with the list found here:
aur_check
It means that if you've installed (built) anything from the AUR in the last ~48 hours, and you were unlucky enough to choose an impacted package, then consider you machine compromised. The article does a better job of explaining.