Arch Linux AUR Packages For Firefox & Other Browsers Removed For Containing Malware

An Arch Linux user on Wednesday uploaded malicious AUR packages of firefox-patch-bin, librewolf-fix-bin, and zen-browser-patched-bin. These AUR packages ended up installing a binary file from a GitHub repository that ended up being a remote access trojan.
Arch Linux administrators were made aware of these malicious packages and as of Friday they were removed. It's important to reiterate that these malicious packages were just in the Arch User Repository (AUR) and were not part of the official Firefox browser on Arch Linux or similar. In any event a good public service announcement to remind users to exercise caution when relying on Arch Linux's AUR, Ubuntu PPAs, third-party Flatpaks / Snaps, and other user-contributed packages not always vetted by Linux distribution vendors.
More information on these compromised AUR packages via the Arch Linux aur-general mailing list.
94 Comments
