Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware


Research firm Sonatype has discovered a malicious campaign targeting Linux systems in an entirely different way. Hackers are exploiting a vulnerability in the open-source ownership transfer process to deliver malware.

The campaign is dubbed “Atomic Arch” as it targets the Arch User Repository (AUR), an online platform where community members maintain installation files for different software packages. When a developer walks away from a project, it becomes an orphaned package.

This means another user can request ownership and take over legitimate abandoned projects. Because the package keeps its original name and trusted history, users end up downloading malicious updates without suspecting any danger.
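A defender-side check for the takeover pattern described above, as an added example that is not from Sonatype or Hackread: it compares a recorded maintainer baseline against AUR metadata and flags packages whose maintainer has changed since the last review. The package names, account names and timestamps are constructed, and the input is shaped like an AUR RPC "info" response (fields Name, Maintainer, LastModified).

```python
import json

# Constructed baseline: maintainer recorded when each package was last reviewed
# (hypothetical package and account names; None means it was orphaned then).
BASELINE = {"foo-bin": "alice", "bar-git": "bob", "baz": None, "qux": "carol"}

# Constructed sample shaped like an AUR RPC v5 "info" response.
AUR_RESPONSE = json.loads("""
{"type": "multiinfo", "resultcount": 3, "results": [
  {"Name": "foo-bin", "Maintainer": "alice",   "LastModified": 1700000000},
  {"Name": "bar-git", "Maintainer": "mallory", "LastModified": 1780000000},
  {"Name": "baz",     "Maintainer": "trent",   "LastModified": 1780000500}
]}
""")


def audit_maintainers(baseline, response, reviewed_at):
    """Return (package, finding) pairs that need a manual PKGBUILD review."""
    current = {r["Name"]: r for r in response.get("results", [])}
    findings = []
    for name, old in sorted(baseline.items()):
        pkg = current.get(name)
        if pkg is None:
            # Package vanished upstream: installed copy can no longer be compared.
            findings.append((name, "missing from AUR (deleted or renamed)"))
            continue
        new = pkg.get("Maintainer")
        if new is None:
            # The AUR reports an orphaned package with a null maintainer.
            findings.append((name, "orphaned: open to adoption"))
        elif new != old:
            # Same package name, different account: the takeover precondition.
            updated = pkg.get("LastModified", 0) > reviewed_at
            findings.append((name, f"maintainer {old} -> {new}"
                             + ("; updated since last review" if updated else "")))
    return findings


if __name__ == "__main__":
    for name, finding in audit_maintainers(BASELINE, AUR_RESPONSE, 1750000000):
        print(f"{name}: {finding}")
```

A maintainer change is not proof of compromise; it marks the packages whose next update should be read as a diff before it is built.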

According to researchers, more than 20 AUR packages have already been compromised. Sonatype has shared the technical details of this ongoing software supply chain attack with Hackread.com.

Inside the Attack Chain

Sonatype engineer Eyad Hasan first flagged the issue, and subsequent investigation revealed that the...

Copyright of this story solely belongs to hackread.com.
