Cryptojacking Scripts Found in 11 Open-Source Code Libraries

Thursday, 22/08/2019 | 11:45 GMT by Arnab Shome
  • The infected libraries have infected thousands of users’ computers.
Cryptojacking Scripts Found in 11 Open-Source Code Libraries
Pixabay

Malicious Cryptojacking scripts have been found in 11 open-source code libraries of the widely used programming language Ruby.

According to a Decrypt report, the malware was discovered on Tuesday inside the Github code repository, infecting the language manager called RubyGems.

Though the actual number of victims is not known yet, it can be anticipated that thousands of computers are infected.

According to the report, the hackers downloaded the popular code libraries from RubyGems and uploaded them again under new names after infecting them with malicious pieces of code.

“On August 19, @juskoljo observed the malicious gem version and created this issue. Later that day, the RubyGems security team yanked the offending gem version and locked the affected maintainer's account. Several other gems were similarly affected,” GitHub user Juskoljo stated.

A nifty way to spread malware

Out of the eleven libraries, five were directly related to crypto with names including doge_coin, coin_base, and blockchain_wallet. These libraries were downloaded more than a thousand times.

Uploaded in early July, the infected version of coin_base was downloaded 424 times, being the most downloaded library, followed by blockchain_wallet with 423 downloads. In total, the eleven libraries were downloaded over 3500 times.

Cryptojacking is one of the most common crimes using digital currencies. Perpetrators usually inject malicious codes to victims' computers by various techniques and use their computers’ processing power to mine digital currencies. Though several Cryptocurrencies can be mined using CPU-power, Monero is the most favored digital coin for these hackers.

Last year, security company McAfee reported that cryptojacking activities soared by 4,000 percent in 2018 alone. However, the increasing trend is now going the other way, according to a recent report Check Point Security.

Last week, Finance Magnates reported that a newly discovered crypto-mining malware called Norman is infecting the computers of medium-sized companies and is also hiding the mining process from the Task Manager when it is opened.

Malicious Cryptojacking scripts have been found in 11 open-source code libraries of the widely used programming language Ruby.

According to a Decrypt report, the malware was discovered on Tuesday inside the Github code repository, infecting the language manager called RubyGems.

Though the actual number of victims is not known yet, it can be anticipated that thousands of computers are infected.

According to the report, the hackers downloaded the popular code libraries from RubyGems and uploaded them again under new names after infecting them with malicious pieces of code.

“On August 19, @juskoljo observed the malicious gem version and created this issue. Later that day, the RubyGems security team yanked the offending gem version and locked the affected maintainer's account. Several other gems were similarly affected,” GitHub user Juskoljo stated.

A nifty way to spread malware

Out of the eleven libraries, five were directly related to crypto with names including doge_coin, coin_base, and blockchain_wallet. These libraries were downloaded more than a thousand times.

Uploaded in early July, the infected version of coin_base was downloaded 424 times, being the most downloaded library, followed by blockchain_wallet with 423 downloads. In total, the eleven libraries were downloaded over 3500 times.

Cryptojacking is one of the most common crimes using digital currencies. Perpetrators usually inject malicious codes to victims' computers by various techniques and use their computers’ processing power to mine digital currencies. Though several Cryptocurrencies can be mined using CPU-power, Monero is the most favored digital coin for these hackers.

Last year, security company McAfee reported that cryptojacking activities soared by 4,000 percent in 2018 alone. However, the increasing trend is now going the other way, according to a recent report Check Point Security.

Last week, Finance Magnates reported that a newly discovered crypto-mining malware called Norman is infecting the computers of medium-sized companies and is also hiding the mining process from the Task Manager when it is opened.

About the Author: Arnab Shome
Arnab Shome
  • 6664 Articles
  • 102 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6664 Articles
  • 102 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}