Cryptocurrency News Today: Backdoor Code Found In 11 Ruby Libraries

0
1
Cryptocurrency News Today: Backdoor Code Found In 11 Ruby Libraries


Ruby

Privacy

Security

Technology

Backdoor Code Found In 11 Ruby Libraries (zdnet.com)






Posted
by

BeauHD

from the lost-and-found dept.

Maintainers of the RubyGems package repository have yanked 18 malicious versions of 11 Ruby libraries that contained a backdoor mechanism and were caught inserting code that launched hidden Cryptocurrency mining operations inside other people’s Ruby projects. ZDNet reports: The malicious code was first discovered yesterday inside four versions of rest-client, an extremely popular Ruby library. According to an analysis by Jan Dintel, a Dutch Ruby developer, the malicious code found in rest-client would collect and send the URL and environment variables of a compromised system to a remote server in Ukraine. “Depending on your set-up this can include credentials of services that you use e.g. database, payment service provider,” Dintel said.

The code also contained a backdoor mechanism that allowed the attacker to send a cookie f

Read More

Leave a reply