• No info in regard to possible compromise

    I have been using Antergos for a long time now and have always been happy and quick to recommended it, but without knowing how long the Antergos system has been compromised and has it affected updates and the fact I did a fresh install several weeks back , my concern is, was that installation compromised … Because there is no information I am now going to install Manjaro :( I will check back to see what has happened.


  • It’s safe to say that the website domain is/was attacked and that’s a separate issue, so it’s unlikely that the system or updates are affected or compromised by that. If you read the post about the pop up during install, it was made clear that the people who had this problem were browsing the Antergos website, while installing or finishing cnchi captha for slides. Eitherway, those are related to the domain being attacked or hijacked and doesn’t relate to the Antergos/Arch system updates.

  • Not completely correct …

    I noticed it yesterday because I gave someone a copy of Antergos that I had just downloaded for them which they were then going to install in virtualbox on their mac, they did not go to the website and popups were happening while installing. I would also like to point out that it’s been several days now and some links on the Antergos website still redirect to phishing sites.

  • Hi,

    The system was NEVER compromised. We store our iso in a different server that where our website is. Do not worry about this.

    Having said that, it is true that our wordpress was compromised (they exploited a wordpress plugin bug). We are still cleaning our website, that’s why some pages are not working at all.

    But please, rest assured that our iso was never compromised.

    About the ads that appeared in Cnchi. Cnchi gets its slides from our webserver, as the webserver was compromised, Cnchi showed that compromised pages… We’ve changed this in 0.15.x (development branch) and ditched the webkit component so this doesn’t happen again (cnchi will show local images only).


    P.S. I didn’t write all this before because it’s not me who is doing all this cleaning work, but Dustin. We’re also in the process of getting our webserver audited by a professional company. Again, this has nothing to do with our ISO server ;)

  • @karasu Thank you a lot for clarifying that🙏

  • @karasu
    Also thanks from me.

  • Thank you for the reply. Antergos is my favourite iso, but because there was no reply to clarify I installed manjaro just to be safe, but once you get everything sorted I will reinstall Antergos. Hopefully the installers will work.

    have a good day and thank you for all the hard work :)

  • @karasu Thank You for the clarification. For the Cnchi update to the static local images instead of the webkit components, when will you be rolling out this updated ISO? Also any rough timeline on when the security auditors could be finished so the updated ISO could be available for download?

    I just want to say, “Thanks” to everyone who works hard to make this a great distro.

  • Hi,

    We’ve just payed for the audit, so I really don’t know how long it will take, sorry.

    All in all, we expect to be able to release 18.10 in due time, that is, in October. This release will have (hopefully) Cnchi 0.16.1 with a LOT of changes, showing local images being one of them.

    If you’re curious, you can check all changes here:

    I’m sorry I can’t be more precise.


  • Thanks for the update, there is a bad line of code here which is an easy fix to do…


  • My question: is the forum database compromised?

  • @zoli62 No!
    as the forum is not using the same database and also is not based on wordpress, it uses https://nodebb.org

  • @joekamprad That’s good news, thanks! When can you expect a Wordpress bug fix?

  • @zoli62 0_1537601009066_Bildschirmfoto vom 2018-09-22 09-23-11.png
    i am a moderator and i am not internal with Antergos development… As far as i knoe professionals are working on this at the moment, and parts of the compromised parts of Antergos Webside/Webstructure are closed down till all is cleaned up.

  • @joekamprad Thank you, in any case, we hope the best.

  • I don’t see any evidence that the website is in triage mode. It appears still to be infected. Imho The best thing to do now is put up a single html page in a completely different folder and point your htto server to it. Then examine the WordPress issues offline.


  • @notzippy there are 3 different websites… And it seems they put them back online cause the cleanup is done already.

  • @notzippy said in No info in regard to possible compromise:

    I don’t see any evidence that the website is in triage mode.


compromise1 regard1 Posts 25Views 2940
Log in to reply
Bloom Email Optin Plugin

Looks like your connection to Antergos Community Forum was lost, please wait while we try to reconnect.