logoalt Hacker News

Shellbanlast Friday at 8:35 PM1 replyview on HN

As @lillylizard pointed out, it turns out that these are new packages, not comprised existing packages like I first thought. Still, the nature of the hack is a Remote Execution, as you pointed out elsewhere, meaning the hacker could pull my router password from the password manager, or grab my SSH keys and log into whatever machine is listed in the known_hosts, or just mess with my Ebay account and the credit card saved on there. The hacker could in theory do literally anything I could do.


Replies

akerl_last Friday at 9:52 PM

Sure, but only if you’d installed the affected AUR packages. Even if they were old packages, probably your SteamOS didn’t install them from the AUR.

show 1 reply