AUR (Arch Linux) infecté ! Synthèse de l'attaque et réponses aux questions !

If you appreciate my work, please consider supporting me: https://www.linuxtricks.fr/pages/fair... ---------- Links: https://www.linuxtricks.fr/news/10-lo... https://archlinux.org/news/active-aur... https://thecybersecguru.com/news/atom... https://github.com/lenucksi/aur-malwa... Command: in the associated Linuxtricks article 00:00 Introduction 00:45 Many questions about the video, the article, and Discord... 01:15 TheCyberSecGuru: An article packed with technical information 01:52 Context: The Arch User Repository 03:32 The PKGBUILD file in Arch Linux 04:25 AUR and Wrappers 05:00 AUR and orphaned packages 06:12 Analysis of the attack with The CyberSec Guru 06:55 The attacker and the search for orphaned packages 07:30 How the PKGBUILD became a backdoor 09:19 Second wave with another, more insidious method 10:42 About the malware and its actions 11:15 What information the malware steals 12:47 The malware installs and remains after package uninstallation 14:00 The eBPF rootkit for even more viciousness! 15:05 Sending stolen data to the attacker via tmp sh 15:48 Plenty of technical info in The Sybersec Guru article 15:58 What to do if you're on Arch Linux and derivatives? 16:50 Review the PKGBUILDs of the AUR packages 17:32 A dedicated analysis script for the Atomic Arch problem 18:28 If suspected: run from a live ISO 19:02 Conclusion 20:15 Outro ---------- What distribution do I use? : Fedora Linux with GNOME What is my internet browser? : Vivaldi Where can you find me? Everything is in the banner on the channel's homepage. My website: https://www.linuxtricks.fr My desktop PC specs: X470 GAMING PRO motherboard AMD Ryzen 5 2600X 32GB DDR4 RAM AMD Radeon RX 7600 (amdgpu open-source driver) 500GB 860 EVO SSD + 2TB 860 QVO SSD Fedora Linux Workstation BIRD UM1 microphone Test laptops: DELL Latitude E5530 Intel i5 3230M 6GB DDR3 RAM Broadcom BCM5761 LAN Atheros AR9285 WiFi