Malware fundet på Arch User Repository (AUR)

FrugalMan
Antal: 1183
Tilmeldt:
18-12-2007
User is offline
Malware fundet på Arch User Repository (AUR)

Den 7. juli blev en AUR-pakke ændret med en del ondsindet kode, der bør minde Arch Linux-brugere (og Linux-brugere generelt), at alle brugergenererede pakker bør kontrolleres (når det er muligt) før installation

https://www.linuxuprising.com/2018/07/malware-foun...

"Man kan modstå alt undtagen fristelser" - Oscar Wilde
Frit Software


frogmaster
frogmaster's picture
Antal: 3721
Tilmeldt:
20-05-2010
User is offline
Fra linket:Update: Reddit

Fra linket:

Update: Reddit user u/xanaxdroid_ mentions that the same user named "xeactor" also had some cryptocurrency mining packages posted, so he speculates that "xeactor" was probably planning on adding some hidden cryptocurrency mining software to AUR (this was also the case with some Ubuntu Snap packages two months ago). That's why "xeactor" was probably trying to obtain various system information. All the packages uploaded by this AUR user have been removed so I cannot check this.

Det er mægtig interessant. Se eksempelvis dette billede af Manjaro og Net Activity Viewer: https://www.dropbox.com/s/e8apiqdvib0ghci/manjaro-...

pool.supportxmr.com er cryptocurrency mining (monero). Det er samme site, inklusiv relaterede IP adresser, der er henvist til her, blot MS Microsoft Windows: https://www.linuxin.dk/node/22388