48
Arch Linux AUR Hit By Another Wave Of Now More Sophisticated Malware Attack
(www.phoronix.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 14 Jun 2026
48 points (100.0% liked)
Arch Linux
9793 readers
5 users here now
The beloved lightweight distro
founded 6 years ago
MODERATORS
And if you're not a developer?
Then don't use an automatic AUR helper. Use chaotic aur if you must. Or use aurto
Then learn to read the diffs. Most of the time they are changing the version number and package hash which is mundane and nothing to worry about. If more than that changed then that should make you curious why and dig deeper.
I know how, I'm just saying, not everyone has the technical acumen.
Right, and I'm saying that a lot of updates are mundane and easy for anyone to read. And if they aren't mundane then look into it. Try to learn. The alternative is to run code you don't understand and hope for the best which didn't work out for people here. So if you don't want to try to learn, and you don't want to blind trust, then the alternative is to not use the AUR.
Like one of the attack vectors was adding a "post install" step that was a bunch of obsfucated gibberish which should've been a red flag for anyone, technical acumen or not
Even if you aren't a dev, any user that chooses to use the aur should do their due diligence. There is a reason why I prefer flatpacks over aur, I don't want to have to check diff's every update.
You don't need to be a developer to read diffs and package builds. I have memory and cognitive impairment and manage fine. I'm also not remotely into software programming.