Arch Linux users told to purge Firefox forks after AUR malware scare

If you installed the Firefox, LibreWolf, or Zen web browsers from the Arch User Repository (AUR) in the last few days, delete them immediately and install fresh copies.

A security warning from the Arch Linux maintainers highlights compromised packages of three of the leading Firefox-based browsers in the AUR. The distro hasn't been breached. Unfortunately, the attack is a consequence of how Arch's repositories are structured and maintained.

The warning concerns three browsers from the greater Mozilla family: Firefox itself; a fork called LibreWolf, which removes some Mozilla telemetry and otherwise tightens up Firefox's security and privacy a bit more; and the fancy tiling Zen browser, which we looked at last year.

All three had compromised packages contributed to the AUR on July 16. The compromised packages were called librewolf-fix-bin, firefox-patch-bin, and zen-browser-patched-bin, and the modified versions reportedly contained a Remote Access Trojan (RAT). Less than two ...