Typosquatting RubyGems laced with Bitcoin-nabbing malware have been downloaded thousands of times
2020-04-21 09:45

A researcher has uncovered malicious packages in the RubyGems repository, one of which was downloaded more than 2,000 times.

The research found over 400 suspect gems, including "atlas-client", which was downloaded 2,100 times by developers most likely looking for the legitimate gem named atlas_client.

The bigger concern is how easy it is to get malware into one of the most widely used package managers.
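The "atlas-client" versus "atlas_client" case above is the whole typosquatting trick: a name that differs from a legitimate gem by one character, a separator swap, or letter case. The following is an added example, not code from the article or from the researcher's report, showing a defender-side check a team could run in CI: it pulls the gem names out of a Gemfile.lock and flags any that are near-misses of an allowlist of known-good names. The allowlist, the sample lockfile and the gem "nokogiry" are constructed for illustration.

```ruby
# Constructed allowlist of gems the project is known to depend on (hypothetical).
KNOWN_GEMS = %w[atlas_client rails nokogiri rake bundler].freeze

# Constructed Gemfile.lock fragment containing two look-alike names.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      atlas-client (0.2.1)
      nokogiry (1.10.9)
      rails (6.0.3)
        actioncable (= 6.0.3)
      rake (13.0.1)

  PLATFORMS
    ruby

  DEPENDENCIES
    atlas-client
    nokogiry
    rails
LOCK

# Fold case and separators so "Atlas-Client" and "atlas_client" compare equal.
def normalize(name)
  name.downcase.tr('-', '_')
end

# Plain Levenshtein distance: insertions, deletions and substitutions cost 1.
def edit_distance(a, b)
  prev = (0..b.length).to_a
  a.each_char.with_index(1) do |ca, i|
    cur = [i]
    b.each_char.with_index(1) do |cb, j|
      cost = ca == cb ? 0 : 1
      cur << [prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost].min
    end
    prev = cur
  end
  prev[b.length]
end

# Collect the top-level gem names from the "specs:" section of a Gemfile.lock.
# Top-level specs are indented by exactly four spaces; their own dependencies by six.
def gem_names_from_lockfile(text)
  in_specs = false
  names = []
  text.each_line do |line|
    if line =~ /^\s*specs:\s*$/
      in_specs = true
      next
    end
    in_specs = false if line =~ /^\S/ # a new unindented section (PLATFORMS, DEPENDENCIES, ...)
    next unless in_specs
    names << Regexp.last_match(1) if line =~ /^    (\S+) \(/
  end
  names.uniq
end

# Return [requested_name, lookalike_of, reason] for every requested gem that is
# not on the allowlist but sits within max_distance of a name that is.
def find_typosquats(requested, known = KNOWN_GEMS, max_distance: 1)
  findings = []
  requested.each do |name|
    next if known.include?(name) # exact, known-good name
    norm = normalize(name)
    known.each do |good|
      good_norm = normalize(good)
      if norm == good_norm
        findings << [name, good, 'separator/case variant']
        break
      end
      dist = edit_distance(norm, good_norm)
      if dist <= max_distance
        findings << [name, good, "edit distance #{dist}"]
        break
      end
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  find_typosquats(gem_names_from_lockfile(SAMPLE_LOCKFILE)).each do |name, good, why|
    puts "SUSPECT #{name} (looks like #{good}: #{why})"
  end
end
```

The check only works against an allowlist that actually contains every legitimate dependency; a real gem that happens to be one edit away from another real gem (rack and rake, for instance) will be reported as a false positive until it is added. Treat the output as a review queue, not as an automatic block.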

Modern software development is reliant on packages downloaded from repositories, not only RubyGems but also via NPM, NuGet, Maven, Cargo, PEAR for PHP, PyPI and many others.

In 2018, malicious code was found in the NPM package event-stream and was downloaded nearly 8 million times, according to open-source security specialist Snyk.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/04/21/rubygems_bitcoin_malware/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Rubygems 2 0 3 16 4 23