#atomicarch — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #atomicarch, aggregated by home.social.
-
⚠️ Arch users have certainly heard of #atomicarch : attackers hijacked orphaned AUR packages, slipping credential-stealing #malware into PKGBUILD post-install hooks. Official repos are safe - only AUR is hit. A community list of compromised packages has since grown to 1935 entries: https://github.com/lenucksi/aur-malware-check
If you installed or updated any AUR package since June 11 2026, cross-check the output of ‘yay -Qm’ against the list. A match means rotate all credentials and investigate 🔎
-
⚠️ Arch users have certainly heard of #atomicarch : attackers hijacked orphaned AUR packages, slipping credential-stealing #malware into PKGBUILD post-install hooks. Official repos are safe - only AUR is hit. A community list of compromised packages has since grown to 1935 entries: https://github.com/lenucksi/aur-malware-check
If you installed or updated any AUR package since June 11 2026, cross-check the output of ‘yay -Qm’ against the list. A match means rotate all credentials and investigate 🔎
-
🚨 Atomic Arch: AUR Malware Audit Tool
The recent "Atomic Arch" campaign compromised over 1,500 AUR packages. If you synced using yay or paru between June 10-12, you might have pulled a Trojan targeting your SSH keys and API tokens.
I’ve built a privacy-focused audit tool to help you check your system.
✅ Privacy First: All processing happens locally in your browser.
✅ Live Data: Fetches the threat list directly from Arch security servers.
✅ No Trackers: Just the tool and the data you need.
Audit your system here:
https://the.unknown-universe.co.uk/privacy-security/atomic-arch-audit-tool/
Stay paranoid.
#ArchLinux #AUR #Linux #CyberSecurity #AtomicArch #FOSS #Privacy #InfoSec -
🚨 Atomic Arch: AUR Malware Audit Tool
The recent "Atomic Arch" campaign compromised over 1,500 AUR packages. If you synced using yay or paru between June 10-12, you might have pulled a Trojan targeting your SSH keys and API tokens.
I’ve built a privacy-focused audit tool to help you check your system.
✅ Privacy First: All processing happens locally in your browser.
✅ Live Data: Fetches the threat list directly from Arch security servers.
✅ No Trackers: Just the tool and the data you need.
Audit your system here:
https://the.unknown-universe.co.uk/privacy-security/atomic-arch-audit-tool/
Stay paranoid.
#ArchLinux #AUR #Linux #CyberSecurity #AtomicArch #FOSS #Privacy #InfoSec -
Ja, huch - und wie findet man jetzt am besten raus, ob man betroffen ist?
UPDATE: Hier gibt es ein Skript zum prüfen der installierten Pakete: https://www.reddit.com/r/linux/comments/1u3alhe/roughly_400_aur_packages_compromised/ (Danke @phillo !)
-
Ja, huch - und wie findet man jetzt am besten raus, ob man betroffen ist?
UPDATE: Hier gibt es ein Skript zum prüfen der installierten Pakete: https://www.reddit.com/r/linux/comments/1u3alhe/roughly_400_aur_packages_compromised/ (Danke @phillo !)
-
Many AUR packages have been compromised - forum.tromjaro.com/t/many-aur-…
We explain how to check if you were infected.
#aur #aurexploit #linux #xfce #tromjaro #manjaro #foss #opensource #atomicarch
-
Many AUR packages have been compromised - forum.tromjaro.com/t/many-aur-…
We explain how to check if you were infected.
#aur #aurexploit #linux #xfce #tromjaro #manjaro #foss #opensource #atomicarch
-
Anybody got a scanner or something for the Atomic Arch malware campaign?
-
Anybody got a scanner or something for the Atomic Arch malware campaign?
-
📣🚨 Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/
-
📣🚨 Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/