Yes but I think the commenter is saying that if a person had installed this package, removing the package in the package manager is probably insufficient to remove the infection from the machine.
Ah. Yeah, nuke it from orbit. Since this was RAT, so it had local execution powers and the attackers knew exactly which distro they are targetting, they could have used some security vulnerability to get root and even replace the kernel in worst case. Hopefully not microcode insertion, so hardware could be ok
But then, it wasn’t an attack on an existing package. So the question is how many people did actually download those
Yes but I think the commenter is saying that if a person had installed this package, removing the package in the package manager is probably insufficient to remove the infection from the machine.
Ah. Yeah, nuke it from orbit. Since this was RAT, so it had local execution powers and the attackers knew exactly which distro they are targetting, they could have used some security vulnerability to get root and even replace the kernel in worst case. Hopefully not microcode insertion, so hardware could be ok
But then, it wasn’t an attack on an existing package. So the question is how many people did actually download those