The Arch Linux User Repository “AUR” was hit by a large-scale malware campaign this week with more than 400 of these user-supplied packages being compromised.