With cryptocurrency usage has become more common for modern transactions, more people want to own those digital coins for either for payment or investment.
While some people earn their cryptocurrency in good ways, some others leverage malicious approaches. One of which, is by infecting users' computer systems with malware that mines cryptocurrencies without the victims' knowledge and consent.
And here, these 'cryptojacking' malware have been found on at least 11 code libraries on programming language manager RubyGems.
According to Decrypt on its website post, RubyGems has been infected with malicious code for the cryptocurrency miner.
After exploiting them, the hackers then re-uploaded them under new names.
"Five of the eleven libraries were specifically related to crypto, with names such as doge_coin, coin_base, and blockchain_wallet, and were downloaded over a thousand times."
RubyGems is a package manager for the Ruby programming language that provides a standard format for distributing Ruby programs and libraries.
Using a self-contained format called a 'gem', the tool is designed to allow developers to easily manage the installation of gems, and a server for distributing them.
With its GitHub repositories infected with cryptojacking malware, "thousands of people were exposed to the illicit software designed to use their computers to mine cryptocurrencies," said Decrypt.
According to GitHub user Juskoljo who has released the details of the attack. It appears that the hackers have compromised RubyGem accounts to gain access to the libraries and carry out their attack.
Cryptojacking is still popular, given that cryptocurrency is becoming more widely used. But the attack itself is declining.
According to Check Point Security, in the first half of 2018, 42 percent of organizations worldwide had been infected by crypto-miners at some point. For the same period in 2019, it was just at 26 percent.
Check Point said that the fall or cryptojacking attacks is probably tied to the closure of cryptojacking service CoinHive, which terminated its service back in February.
With less malicious scripts to be run on websites and apps, cryptojackers are focusing their attempt elsewhere, like exploiting cloud computing systems, which cryptojacker researcher Troy Mursch said, are the real moneymakers.
Previously, RubyGems has also met with some security and privacy concerns.
For example, since RubyGems run its own code in an app, it may allow various security issues to installation of malicious gems. As a result, the creator of malicious gems may be able to compromise the user system or server.
