got this in my email.
Arch Linux PDF reader package poisoned
Malware Attack On Arch Linux AUR Repository; Three Packages Infected So Far - Amateur bid to add code to Arch Linux packages found and squashed - Full Coverage
3
Arch AUR Repo Malware Attack "Hacked"?
Started by
mhbell
, Jul 11 2018 03:35 PM
6 replies to this topic
#1 OFFLINE
mhbell
-
- Members
-
- 2,212 posts
Posting Prodigy
Posted 11 July 2018 - 03:35 PM
Registered Linux User #239772
Mint 18.1 Cinnimon, MX-16, Siduction LXQT, Debian Stretch, and Other Linux Distro's
https://pctechman.wordpress.com/
Mint 18.1 Cinnimon, MX-16, Siduction LXQT, Debian Stretch, and Other Linux Distro's
https://pctechman.wordpress.com/
#2 ONLINE
securitybreach
-
- Forum Admins
-
- 23,841 posts
CLI Phreak
Posted 11 July 2018 - 04:21 PM
It's all complete lies. There was not any malware at all, technically it wasn't even malicious. He simply added a systemd timer and script (called xeactor) to gather basic system info. https://ptpb.pw/~x. I wouldn't really call it malware but its a perfect example of why you should read the PKGBUILDS if you install user submitted packages. If someone is stupid enough to blindly install an unofficial app, then they deserve to be infected. Too bad that it wasn't actually malicious.
It was an orphaned pkg (acroread - who even uses it?) and some pleb adopted it, added a timer and script to gather basic system info, which didn't even work.. and then left you a 'compromised.txt' in your home to brag... User was known to devs, known moron who wanted help installing kali.
It was an orphaned pkg (acroread - who even uses it?) and some pleb adopted it, added a timer and script to gather basic system info, which didn't even work.. and then left you a 'compromised.txt' in your home to brag... User was known to devs, known moron who wanted help installing kali.
CNI Radio/G+ Profile/Configs/PGP Key/comhack π ∞
"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984
#3 OFFLINE
mhbell
-
- Members
-
- 2,212 posts
Posting Prodigy
Posted 11 July 2018 - 04:30 PM
I figured if anyone would know, it would be you Security. LoL! There is about 5 different Newsletters carrying the story, and they all say the same.
Registered Linux User #239772
Mint 18.1 Cinnimon, MX-16, Siduction LXQT, Debian Stretch, and Other Linux Distro's
https://pctechman.wordpress.com/
Mint 18.1 Cinnimon, MX-16, Siduction LXQT, Debian Stretch, and Other Linux Distro's
https://pctechman.wordpress.com/
#4 ONLINE
securitybreach
-
- Forum Admins
-
- 23,841 posts
CLI Phreak
Posted 11 July 2018 - 04:45 PM
mhbell, on 11 July 2018 - 04:30 PM, said:
I figured if anyone would know, it would be you Security. LoL! There is about 5 different Newsletters carrying the story, and they all say the same.
Honestly, I'm already tired of hearing about it. All these sites using buzzwords to get hits. There was not a single reason to call it malware.
CNI Radio/G+ Profile/Configs/PGP Key/comhack π ∞
"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984
#5 OFFLINE
sunrat
-
- Forum Moderators
-
- 5,655 posts
Thread Kahuna
Posted 11 July 2018 - 09:49 PM
securitybreach, on 11 July 2018 - 04:45 PM, said:
Honestly, I'm already tired of hearing about it. All these sites using buzzwords to get hits. There was not a single reason to call it malware.
registered Linux user number 324659 || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.
For the things we have to learn before we can do them, we learn by doing them.
#6 ONLINE
securitybreach
-
- Forum Admins
-
- 23,841 posts
CLI Phreak
Posted 11 July 2018 - 09:59 PM
sunrat, on 11 July 2018 - 09:49 PM, said:
securitybreach, on 11 July 2018 - 04:45 PM, said:
Honestly, I'm already tired of hearing about it. All these sites using buzzwords to get hits. There was not a single reason to call it malware.
Haha
CNI Radio/G+ Profile/Configs/PGP Key/comhack π ∞
"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984
#7 OFFLINE
mhbell
-
- Members
-
- 2,212 posts
Posting Prodigy
Posted 12 July 2018 - 01:01 PM
sunrat, on 11 July 2018 - 09:49 PM, said:
securitybreach, on 11 July 2018 - 04:45 PM, said:
Honestly, I'm already tired of hearing about it. All these sites using buzzwords to get hits. There was not a single reason to call it malware.
Registered Linux User #239772
Mint 18.1 Cinnimon, MX-16, Siduction LXQT, Debian Stretch, and Other Linux Distro's
https://pctechman.wordpress.com/
Mint 18.1 Cinnimon, MX-16, Siduction LXQT, Debian Stretch, and Other Linux Distro's
https://pctechman.wordpress.com/
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
