|
|
|
|
|
|
by DavideNL
3 days ago
|
|
|
Noob question, but how do people know this is thrustworthy, since it's not from Arch / an official source? There's a lot of voodoo in that script, i can't easily tell it's safe by reading the code. I'd expect some reaction/solution from official Arch developers... |
|
|
All of the packages I have triaged involved the atomic-lockfile npm package, so this is something you could try:
The problem with an officially endorsed solution is that the rootkit authors could push an update that hides/removes the indicators of compromise the endorsed script checks for (e.g. it would be trivial to have the malware delete atomic-lockfile from the npm cache).