Backdoored Ruby gems stole credentials, injected cryptomining code - Help Net Security

The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject malware and mining software through Trojanized gems.



What happened?


Two days ago, developer Jussi Koljonen announced that a compromised version of rest-client, a popular HTTP and REST client for Ruby, had apparently been uploaded to RubyGems, the Ruby community’s gem hosting service.


The injected code would fetch malicious code from pastebin.com, then collect sensitive information from the client’s host machine and send it to the attacker’s server.


“Depending on your set-up this can include credentials of services that you use e.g. database, payment service provider,” Koljonen noted, and added that it also a ..