Malware fundet på Arch User Repository (AUR)
Den 7. juli blev en AUR-pakke ændret med en del ondsindet kode, der bør minde Arch Linux-brugere (og Linux-brugere generelt), at alle brugergenererede pakker bør kontrolleres (når det er muligt) før installation
https://www.linuxuprising.com/2018/07/malware-found-on-arch-user-reposi…
https://www.linuxuprising.com/2018/07/malware-found-on-arch-user-reposi…
Kommentarer1
Fra linket:Update: Reddit
Update: Reddit user u/xanaxdroid_ mentions that the same user named "xeactor" also had some cryptocurrency mining packages posted, so he speculates that "xeactor" was probably planning on adding some hidden cryptocurrency mining software to AUR (this was also the case with some Ubuntu Snap packages two months ago). That's why "xeactor" was probably trying to obtain various system information. All the packages uploaded by this AUR user have been removed so I cannot check this.
Det er mægtig interessant. Se eksempelvis dette billede af Manjaro og Net Activity Viewer: https://www.dropbox.com/s/e8apiqdvib0ghci/manjaro-pool.supportxmr.com.p…
pool.supportxmr.com er cryptocurrency mining (monero). Det er samme site, inklusiv relaterede IP adresser, der er henvist til her, blot MS Microsoft Windows: https://www.linuxin.dk/node/22388