Thousands of open libraries have been infected by a new type of a cryptojacking code which aims to initiate malicious mining. The latest cryptocurrency news show that the code was already found in 11 open source code libraries written in Ruby which have been downloaded thousands of times so far.
According to the industry news outlet Decrypt and its reports on August 21, the cryptojacking code has been added to the 11 open source Ruby libraries distributed on the RubyGems platform. The report also features that the infected libraries were downloaded more than 3,500 times.
The altcoin news note that the hackers reportedly downloaded the software, infected it with the malware (using the cryptojacking code) and re-posted it on RubyGems. The malicious code was first noticed by a GitHub user who posted on the network reporting the issue on August 19. The user also pointed out that when executed, the library downloaded even more code from the test hosting service Pastebin – triggering malicious mining.
The cryptojacking code and malware also sent the address of the infected host to the attacker alongside the environment variables which may have included credentials. As some users pointed out, RubyGems contributors should enable two-factor authentication on their accounts mostly because of potential compromises and infecting many other system.
As the best cryptocurrency news sites reported, five of the libraries which were infected were cryptocurrency-specific, meaning that there were names like doge-coin, bitcoin_vanity, coin_base and blockchain_wallet spread around. The last two were the most downloaded, with coin_base having more than 424 downloads while blockchain_wallet had 423.
However, this cryptojacking code is nothing new in the world of viruses and infected mining. As we recently reported, the cybersecurity company Varonis has discovered a new cryptojacking virus which is dubbed “Norman” – that aims to mine the cryptocurrency Monero (XMR) and evade detection without the user knowing what’s happening in the background.
A report published on our site earlier this year has also shown that cryptojacking is prime example of a shift towards discreet cyberattacks – something that is trending right now. So far, we have seen so many variants of pieces of malware which are spreading or being loaded.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at editor@dcforecasts.com
Discussion about this post