The “Atomic Arch” campaign compromised over 1,500 AUR packages between June 10-12, targeting SSH keys and API tokens. If you updated via yay or paru during that window, you need to audit your local system.

I’ve built a client-side tool to help with this.

Local Processing: Your package list never leaves your browser. All comparisons are done client-side.

Live Data: It fetches the verified malicious list directly from the official Arch servers (md.archlinux.org) to ensure it’s always current.

Zero Bloat: No trackers, no ads, no cookies.

How to use:

  1. Run pacman -Qm
  2. Paste the output into the tool
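
The same comparison can be done offline in the shell. This is an added example, not the post author's tool or its code: it cross-checks saved `pacman -Qm` output against a locally saved list and then uses the pacman log to see which listed packages were installed or upgraded inside a date window. Assumptions: the list file holds one package name per line, the log uses the ISO timestamps current pacman writes, and all file names, function names and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumed inputs: qm.txt = saved `pacman -Qm` output,
# bad.txt = saved list, one package name per line, log = /var/log/pacman.log.

# flagged_packages QM LIST: print "name version" for foreign packages on LIST.
flagged_packages() {
    awk 'FILENAME == ARGV[1] { sub(/#.*/, ""); gsub(/[ \t\r]/, "")
                               if ($0 != "") bad[$0] = 1; next }
         ($1 in bad)         { print $1, $2 }' "$2" "$1"
}

# touched_in_window LOG START END PKG: print install/upgrade lines for PKG
# dated START..END inclusive (YYYY-MM-DD; ISO timestamps as in current pacman).
touched_in_window() {
    awk -v s="$2" -v e="$3" -v p="$4" '
        $2 == "[ALPM]" && $4 == p &&
        ($3 == "installed" || $3 == "upgraded" || $3 == "reinstalled") {
            d = substr($1, 2, 10); if (d >= s && d <= e) print }' "$1"
}

# audit QM LIST LOG START END: EXPOSED = listed and built/updated in the window,
# LISTED = on the list but no transaction logged in the window.
audit() {
    flagged_packages "$1" "$2" | while read -r name ver; do
        if [ -n "$(touched_in_window "$3" "$4" "$5" "$name")" ]; then
            echo "EXPOSED $name $ver"
        else
            echo "LISTED $name $ver"
        fi
    done
}

# Constructed sample data (package names, versions and the year are made up).
make_sample() {
    printf '%s\n' 'example-tool-bin 1.2.1-1' 'demo-helper-git r42.abc123-1' \
        'local-build 0.1-1' > "$1/qm.txt"
    printf '%s\n' '# constructed list' 'example-tool-bin' 'demo-helper-git' \
        'not-installed-pkg' > "$1/bad.txt"
    printf '%s\n' \
        '[2000-05-02T10:00:00+0000] [ALPM] installed demo-helper-git (r42.abc123-1)' \
        '[2000-06-11T09:15:02+0000] [ALPM] upgraded example-tool-bin (1.2.0-1 -> 1.2.1-1)' \
        '[2000-06-11T09:16:40+0000] [ALPM] upgraded local-build (0.1-0 -> 0.1-1)' \
        > "$1/pacman.log"
}

tmp=$(mktemp -d) && make_sample "$tmp"
audit "$tmp/qm.txt" "$tmp/bad.txt" "$tmp/pacman.log" 2000-06-10 2000-06-12
```

On a real system, pass your own saved `pacman -Qm` output, the saved list, `/var/log/pacman.log` and the actual window dates; an EXPOSED line means the keys and tokens reachable from that machine should be treated as compromised and rotated.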
  • Avid Amoeba@lemmy.ca
    2 hours ago

    This dipshit (me) hasn’t reinstalled their OS since 2014. Not Arch btw.

    But if my OS was affected by a supply attack like this, I wouldn’t trust the analysis on which packages were affected and which weren’t, so I’d likely nuke and pave, as all my and my family’s data is here.

    • thingsiplay@lemmy.ml
      2 hours ago

      If your current system were affected by a supply attack, then you would reinstall your system too. I use Arch[1], BTW and did not reinstall the system.

      1: Arch=EndeavourOS