"The Arch Linux user-maintained software repository called AUR has been found to host malware. The discovery was made after a change in one of the package installation instructions was made. This is yet another incident that showcases that Linux users should not explicitly trust user-controlled repositories."
https://sensorstechforum.com/arch-li...ntain-malware/