A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems.
I hope all the Arch based distros will do a proper post to inform their users on how to cleanup afterwards.
I’m hoping at least cachyos, the distro I use, will tell me exactly how to check and clean my system.
I remember that when I installed a few of my AUR package, I was well aware that this repo was pretty much unregulated and that I just have to trust it’s safe. So I made sure to only use AUR as a last resort. But there was warnings on cachyos that were displayed to tell me to be cautious about it so that’s at least a positive.
The article has instructions to do exactly that.
The Checklist of infected packages