acm-header
Sign In

Communications of the ACM

Home/News/Supply-Chain Attack Hits RubyGems Repository with.../Full Text
ACM TechNews

Supply-Chain Attack Hits RubyGems Repository with 725 Malicious Packages

By Ars Technica
April 30, 2020
Comments
View as: Print Mobile App Share:
A RubyGems logo.

Researchers found more than 725 malicious packages populating RubyGems, the official channel for distributing programs and code libraries for the Ruby programming language.

Credit: RubyGems.org

ReversingLabs researchers have found more than 725 malicious packages populating RubyGems, the official channel for distributing programs and code libraries for the Ruby programming language.

The malicious packages were downloaded nearly 100,000 times, but a significant portion of those are likely the result of scripts that automatically crawl all 158,000 packages available in the repository.

All of the packages originated from just two user accounts: "JimCarrey" and "PeterGibbons."

The researchers suspect a single individual may be responsible for creating both accounts, which used a variation of typosquatting to give the impression they were legitimate.

Once installed, the packages execute a script that attempts to intercept Bitcoin payments made on Windows devices.

From Ars Technica
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account