The Crypto Times
Image default
News

Cryptojacking Code Discovered in 11 Open-Source Libraries, Has Been Downloaded Extensively

A cryptojacking code has been discovered in 11 open-source code libraries. The code was written in Ruby and has been downloaded more than three thousand times. 

Crypto news site Decrypt reported that the malicious code was integrated to 11 open Ruby libraries disseminated on the RubyGems package manager. The program is popular among developers as it allows them to upload and share enhancements on current software. 

RubyGems

It’s said that hackers downloaded the software, placed the malware, and then upload everything on RubyGems but under new names.

The contaminated libraries were allegedly downloaded more than 3,500 times.

A GitHub user first noticed the malicious code. The user called attention to the problem on August 19. He noted that once executed, the library initialized supplementary code from text hosting platform Pastebin. This would trigger malicious mining. 

The malware reportedly also sends the address of the contaminated host to the attacker along with environmental factors that might include credentials. 

Two-Pronged Authentication

Several users already suggested that contributors to the RubyGems platform should implement a two-pronged authentication on their accounts, especially since they could infect numerous systems if they’re compromised. 

It was also discovered that five of the infected libraries were crypto-specific. They carried names like bitcoin_vanity, blockchain_wallet, coin_base, and doge-coin. The coin_base and blockchain_wallet were the two most downloaded libraries, with 424 and 423 downloads respectively. 

The RubyGems issue is just the latest in a spate of crypto-mining hacks. Last week, a new kind of crypto-mining malware, dubbed “Norman,” was uncovered last week by Varonis Security Research. However, the malware had been running on one company’s computer systems for more than a year.

Related posts

JP Morgan CEO Jamie Dimon Faces Charges of Market Abuse

Miles

NEO Rumored to be China’s Crypto

Miles

West Ham Soccer Team Collaborating With Socios for Fan Token

Viena Abdon

5 Billion USDT Tokens Accidentally Minted by Stablecoin Operator; Coins Immediately Burned

Viena Abdon

Blockchain Technology Will Trump the Supposed Crypto Bubble

Miles

Libra Association Announces Bug Bounty Program for Facebook Stablecoin Open to Everyone

Viena Abdon