An anonymous reader shares a report: Malware has been discovered in at least three Arch Linux packages available on AUR (Arch User Repository), the official Arch Linux repository of user-submitted packages. The malicious code has been removed thanks to the quick intervention of the AUR team. The incident happened because AUR allows anyone to take over “orphaned” repositories that have been abandoned by their original authors. On Saturday, a user going by the pseudonym of “xeactor” took over one such orphaned package named “acroread” that allows Arch Linux users to view PDF files. According to a Git commit to the packag’s source code, xeactor added malicious code that would download a file named “~x” from ptpb [dot] pw, a lightweight site mimicking Pastebin that allows users to share small pieces of texts.
Read more of this story at Slashdot.