[Tool] Privacy-focused AUR Malware Audit Tool (Atomic Arch Incident)

submitted by TheIPW to linux 24 points | 4 comments https://the.unknown-universe.co.uk/privacy-security/atomic-arch-audit-tool/

The “Atomic Arch ” campaign compromised over 1,500 AUR packages between June 10-12, targeting SSH keys and API tokens. If you updated via yay or paru during that window, you need to audit your local system.

I’ve built a client-side tool to help with this.

Local Processing: Your package list never leaves your browser. All comparisons are done client-side.

Live Data: It fetches the verified malicious list directly from the official Arch servers (md.archlinux.org) to ensure it’s always current. Zero Bloat: No trackers, no ads, no cookies. How to use:

1. Run pacman -Qm
2. Paste the output into the tool