
Two Rubygems Infected With Crypto-Stealing Feature Malware Spotted by Researchers

News Feed - 2020-12-19 06:12:08



Newly infected RubyGems packages have been spotted in the open-source software repository. They contained malicious code mainly used to steal cryptocurrencies from users via a supply chain attack.

Two Cryptocurrency-Stealers Rubygems Detected by Researchers at Sonatype


According to Ax Sharma, a security researcher at Sonatype, the two gems detected — pretty_color and ruby-bitcoin — contained malware that deployed the attack on Windows machines and replaced any bitcoin (BTC), ethereum (ETH), or monero (XMR) wallet address found on the victim’s clipboard with the attackers’ own.


RubyGems is a package manager for the Ruby programming language that allows developers to integrate code developed by other people. Anyone can upload a “gem” to the repository, which opens the door for threat actors to upload their malicious packages.


The researcher further explained how the attack operates: This means if a user who had mistakenly installed either of these gems was to copy-paste a bitcoin recipient wallet address somewhere on their system, the address would be replaced with that of the attacker, who’d now receive the bitcoins.


An analysis conducted by the Sonatype Security Research team found that, unless the victim double-checks the wallet address after pasting it, the clipboard hijacker deployed during the supply chain attack will quietly change the address by creating separate malicious scripts contained in VBS files.
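A defender-side audit for the behaviour described above, as an added example that is not code from the article or from Sonatype. The gem names come from the article; the indicator patterns, the function names and the sample lockfile (including its version numbers) are assumptions constructed for illustration.

```ruby
# Added example: defender-side audit helper, not Sonatype's tooling.
FLAGGED_GEMS = %w[pretty_color ruby-bitcoin].freeze # gem names from the article

# Heuristic indicators (assumptions for illustration), derived from the
# behaviour the article describes: VBS scripts plus clipboard access.
INDICATORS = {
  vbs_file:    /\.vbs\b/i,
  script_host: /\b[wc]script(?:\.exe)?\b/i,
  clipboard:   /clipboard/i
}.freeze

# Names of flagged gems pinned in the text of a Gemfile.lock.
# Resolved specs sit at exactly four spaces of indentation.
def flagged_in_lockfile(lock_text)
  lock_text.scan(/^ {4}([\w.\-]+) \(/).flatten.uniq & FLAGGED_GEMS
end

# Indicator names that match a source string.
def indicators_in(source)
  INDICATORS.select { |_name, pattern| source.match?(pattern) }.keys
end

# Flag only the combination: clipboard access plus a VBS/script-host reference.
def suspicious?(source)
  hits = indicators_in(source)
  hits.include?(:clipboard) && (hits & %i[vbs_file script_host]).any?
end

# Walk an unpacked gem directory and return relative paths for manual review.
def review_candidates(gem_dir)
  Dir.glob(File.join(gem_dir, "**", "*.{rb,rake,gemspec}")).select do |path|
    File.file?(path) && suspicious?(File.binread(path))
  end.map { |path| path.delete_prefix(gem_dir + File::SEPARATOR) }.sort
end

# Constructed sample lockfile (not taken from a real project).
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      pretty_color (0.0.0)
      rake (13.0.1)
      rspec (3.10.0)
        rspec-core (~> 3.10.0)
LOCK

puts "Flagged gems in sample lockfile: #{flagged_in_lockfile(SAMPLE_LOCK).inspect}"
```

A hit from `review_candidates` is a prompt for manual review, not a verdict: legitimate Windows tooling can match the same patterns.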


Supply Chain Attacks: A Growing Concern


Sharma also warned about the growing trend of supply chain attacks so far in 2020, considering it a “bigger concern.”


According to Sonatype’s 2020 State of the Software Supply Chain report, there was a 430% increase in upstream software supply chain attacks over the past year, making it “virtually impossible” to chase and keep track of such components manually.


Sonatype’s Sharma adds: Of all activities a ransomware group may conduct on a compromised system, replacing bitcoin wallet address on the clipboard feels more akin to a trivial mischief by an amateur threat actor than to a sophisticated ransomware operation. However, this coincidence does raise a bigger concern, considering how rampant software supply chain attacks have been in 2020.


Will we see a leading role in crypto-related supply chain attacks in 2021?

