On the RubyGems platform, in 11 open source libraries that have more than 3,500 downloads, hidden code for crypto jacking has been discovered.
It is reported that hackers download libraries written in the Ruby programming language, inject malicious code, and then download them to RubyGems with new names. For example, the doge_coin, coin_base, and blockchain_wallet libraries associated with cryptocurrencies have been downloaded over a thousand times.
After the user installs such a library, it downloads additional files from the Pastebin website and launches hidden cryptocurrency mining. The malicious library also sends the hacker the IP address of the infected computer and various system parameters, which may contain personal information of the user.
RubyGems users believe that developers of popular libraries need to enable two-factor authorization when they log in to the site, since thousands of computers and users may suffer if their account is hacked and their libraries are replaced.
Recall that the recently specialized cybersecurity company Varonis announced the discovery of a new Norman virus miner, which hides its presence from the task list.
Mining on RTX 3070. Overclocking, tuning, profitability, consumption: If you are interested in finding more…
Mining with GTX 1660, 1660 Ti, 1660 Super. Overclocking, settings, consumption, profitability, comparisons - If…
Mining with RTX 2070 and 2070 Super. Overclocking, profitability, consumption, comparison What the RTX 2070…
Mining with RTX 3060, 3060 Ti. Limitations, overclocking, settings, consumption, profitability, comparison Let's look at…
Alphacool Eisblock Aurora Acryl GPX-A (2022) with Sapphire Radeon RX 6950 XT Nitro+ Pure in…
In the ever-evolving landscape of business strategy, Bitcoin has emerged as a pivotal asset. With…
This website uses cookies.