Cryptojacking Software Detected in Open Code Libraries after Thousands of Downloads

Malicious cryptojacking software code has now been found on at least 11 Ruby programming code libraries and has already been accessed and downloaded more than a few thousand times. This was recently discovered on Github and was done using the RubyGems platform.

The Infection

RubyGems is a widely known program that affords coders and developers, the opportunity to share any alterations or enhancements made on any codes or software. According to reports, the cybercriminals behind the attack did this by downloading certain software, injecting the malware into the code and then uploading them back to RubyGems using different names. So far, the compromised software has already been downloaded more than three thousand times.

Furthermore, reports reveal that  at least 5 of the 11, were crypto related and included titles like “coin_base”, “blockchain_wallet” and “doge_coin”. The GitHub user who first noticed it revealed that the execution of the software forced additional downloads eventually starting the mining.

Cryptojacking and its Decline

Cryptojacking codes and software are specifically created to mine digital assets on infected computers without the knowledge of the owners. The software is also programmed to send the mined assets back to the originators, all done discreetly.  Malicious software like this has been used several times with different virtual assets but has mostly been used for Monero (XMR) because of its inherent anonymity.

It would however seem that “http://kryptomoney.com/mozilla-firefoxs-new-update-will-block-web-based-cryptojacking/”>cryptojacking isn’t the most preferred form of hacking anymore. According to a report from Check Point Security, about 42% of institutions, suffered attacks last year. For 2019, this number has dropped to 26%.

Image Credits: Stock Photo Secretes