- Malicious Cryptojacking Scripts have been discovered in11 open-source code libraries of Ruby.
- The malware was found inside the Github code repository and has been downloaded >3,500 times.
Malicious Cryptojacking Scripts have been discovered in11 open-source code libraries of Ruby, a widely-used programming language. According to a report by Decrypt, the malware was found inside the Github code repository. This has infected the language manager RubyGems.
Experts believe that thousands of computers are infected with this though the exact number is not disclosed. According to the report, the hackers downloaded the well-known code libraries from RubyGems and uploaded them under different names with malicious pieces of code. Juskoljo, a Github user stated:
“On August 19, @juskoljo observed the malicious gem version and created this issue. Later that day, the RubyGems security team yanked the offending gem version and locked the affected maintainer’s account. Several other gems were similarly affected.”
Of the eleven libraries, five were directly related to crypto. These included doge_coin, coin_base, and blockchain_wallet. Overall, the eleven libraries were downloaded around 3500 times and may have infected thousands of computers.