Hostile Cryptojacking Software Discovered In Ruby Libraries On GitHub as Thousands Get Infected
There has bee a recent surge in cryptojacking globally, but the number of instances in the US has been troubling. Many of the people affected by these are not too tech-savvy and vulnerable, however, now coders are getting affected by it too.
Decrypt media reports that there have been 11 open-source Ruby libraries on the RubyGems platform. What’s alarming is that the infected code was downloaded over three and a half thousand times. GitHub library RubyGems comments:
“On August 14, attackers published a series of rest-client versions from 1.6.10 to 1.6.13 using the credentials of a rest-client maintainer whose RubyGems.org account was compromised. The affected versions were downloaded a small number of times (~1000). On August 19, @juskoljo observed the malicious gem version and created this issue. Later that day, the RubyGems security team yanked the offending gem version and locked the affected maintainer's account. Several other gems were similarly affected.”
Cryptojacking involves using a person's computer without their knowledge, possibly for only seconds at one time, to mine a cryptocurrency. Cryptojacking malware exploits the processing power of an infected computer to mine for cryptocurrency, which can cause the system to slow down, even to the point of becoming unusable.
Earlier this month, BitcoinExchangeGuide had reported about researchers in cybersecurity company Varonis, a cryptocurrency-mining malware is capable of remaining so well-hidden that it had spread to almost every computer at a company that had become infected. Named “Norman”, the virus mines cryptocurrency Monero (XMR) and escapes from detection.
Check Point Security says that the phenomenon of cryptomining is on a decline in the first half of last year, 42% of organizations worldwide had been infected by crypto-miners at some point. For the same period this year, just 26%. Traditionally, Monero is the favored cryptocurrency as its anonymous.