Communications of the ACM

Home/News/Supply-Chain Attack Hits RubyGems Repository with.../Full Text

ACM TechNews

Supply-Chain Attack Hits RubyGems Repository with 725 Malicious Packages

By Ars Technica
April 30, 2020
Comments

View as: Print Mobile App Share:

Researchers found more than 725 malicious packages populating RubyGems, the official channel for distributing programs and code libraries for the Ruby programming language.

Credit: RubyGems.org

ReversingLabs researchers have found more than 725 malicious packages populating RubyGems, the official channel for distributing programs and code libraries for the Ruby programming language.

The malicious packages were downloaded nearly 100,000 times, but a significant portion of those are likely the result of scripts that automatically crawl all 158,000 packages available in the repository.

All of the packages originated from just two user accounts: "JimCarrey" and "PeterGibbons."

The researchers suspect a single individual may be responsible for creating both accounts, which used a variation of typosquatting to give the impression they were legitimate.

Once installed, the packages execute a script that attempts to intercept Bitcoin payments made on Windows devices.

From Ars Technica
View Full Article

No entries found

Supply-Chain Attack Hits RubyGems Repository with 725 Malicious Packages

U.S. Announces $5 Billion Commitment for Computer Chip R&D

U.S. Copyright Office's Questions about Generative AI

SWOT Analysis of ChatGPT in Computer Science Education