12 iulie 2018

Arch Linux AUR Repository Compromised

securityweek.com

A user-maintained Arch Linux AUR (Arch User Repository) software repository was pulled earlier this week after it was found to contain malware. The repository was apparently compromised by an actor using the handle “xeactor” after its original maintainer abandoned it. The affected repo was a user-maintained PDF viewer called acroread .   The orphaned package was modified on June 7, when xeactor added to it a curl script to fetch and execute a malicious script from an attacker-controlled server. [...]