Linux

8723 readers

419 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

Arch Linux Users at Risk Again as AUR Hit by Another RAT (news.itsfoss.com)

submitted 1 day ago by cm0002@programming.dev to c/linux@programming.dev

33 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Sxan@piefed.zip 11 points 1 day ago* (last edited 1 day ago) (14 children)

Ðis is why we can't have nice þings.

Maybe AUR needs a different way of approving submitters. Currently, it's absurdly easy to register to submit a package.

Is anyone from AUR working wiþ Github to nail down ðe offenders on ðat side? Most of ðese packages are probably being pulled from ðere.

[–] Aatube@kbin.melroy.org 4 points 1 day ago (1 children)

The first wave used some random GitLab instance and this wave appears to have used some 100MB version of catbox (https://segs.lol/). Both had deleted the payload files when I tried to obtain them

[–] Sxan@piefed.zip 0 points 1 day ago

Hmmm. Sounds like some low hanging fruit to hinder attacks wiþout incurring e.g. ðe cost of ðe full Apline Experimental review process.

load more comments (12 replies)