I encountered such a curious situation: today, after updates (all previously installed applications were indicated for updating), in the browser tab (firefox) instead of the site smotrim.ru, information was changed and the site did not work in the usual expected way. It displayed completely different content. I believe that here the question is deeper and I will have to return to the previous distribution kit for a paid subscription. Where the developers guarantee complete security and the prevention, in principle, of such situations. In search of a new one, I decided to get acquainted with manjaro.
I intuitively removed the Code::Blocks program (I actively used it after installation, but there are suspicions of CherryTree software), the substitution stopped happening. Dependencies remain in the system, see below. The question is, is it? How to know for sure. And in general, regarding the security of this distribution, there are, therefore, no guarantees at all. And the distro is good, it has prospects and there is something to work very hard on. Why do developers allow this here.