**Malware Found On The Arch User Repository (AUR)**

=>>> [aur-general] acroread package compromised


Sad to see. No one s safe on the net I think.

Edit: Since a while.

1 Like

AnonymousJuly 10, 2018 at 9:18 AM

A small typo - It was on July 7 - not June.
The malicious script was removed within approx. 9 hours

LogixJuly 10, 2018 at 10:14 AM

Corrected, thank you!


That s a good thing.

The article offers some advice on what to look for if you’re like me and just kind of do a perfunctory scan without really knowing what exactly to check. If nothing else, focus on the URLs. They will most likely follow a wget or curl command and are the most likely spot to store a malicious script. In this case, the package grabbed a script from Pastebin which should be considered a serious red flag.

That article is rather sensationalist, the ArchWiki clearly advises to check all PKGBUILDs & included files before installing AUR packages: