HomeBitcoin NewsBTC-Intercepting Malware Uncovered On Ruby Gems

BTC-Intercepting Malware Uncovered On Ruby Gems


Crypto theft is quite common, and it’s no laughing matter. Recently, as many as 725 separate forms of malware were discovered on the Ruby Gems platform, which is typically used for downloading and offering Ruby programming language. The malware was widely designed to get in the way of bitcoin and crypto payments and potentially shift them over to wallets and addresses controlled by hackers.

Malware Is Big… and Dangerous

In all, there were more than 100,000 malware downloads, and all the packages stemmed from two user accounts under the names “JimCarrey” and “PeterGibbons.” Many of the illicit software packages were hidden under names that were designed to make them appear more legitimate. This ultimately led to the many downloads in question, as customers thought they were getting their hands on the real thing.

But underneath these allegedly real names were phony forms of software looking to intercept crypto payments. Examples of falsely named software packages include “atlas-client,” which was meant to serve as a decoy for “atlas_client.” More than 2,000 individual downloads of the software occurred.

Crypto theft has come in many forms over the years. Arguably, two of the biggest ones involve attacking crypto exchanges or trading platforms directly, or invoking a process known as crypto jacking.

The latter occurs when a hacker takes over a person’s computer or digital device without their knowledge or consent. From there, the hacker uses their newfound control and power to mine cryptocurrencies, primarily Monero given it boasts quasi-anonymous properties. The hacker can make a mint through their newfound mining venture, while the owner of the device gets nothing minus the high energy bills that they receive in the mail each month.

Several trading exchanges have been directly hit in the past. The biggest examples include Mt. Gox and Coincheck, both of which took place in Japan approximately four years apart from each other (February 2014 and January 2018, respectively). The first saw more than $400 million in BTC funds disappear virtually overnight, while the second saw more than half-a-billion in crypto funds stolen, making it the largest digital theft in the history of the crypto space.

This is not the first time someone has tried to upload malicious code onto the Ruby Gems platform. In 2016, a college student uploaded several malicious software packages to be downloaded by developers of Python, Ruby and Java scripts. These illicit codes were ultimately downloaded more than 40,000 times on more than 10,000 domains including two military-based ones.

No Way to Know…

Tomislav Pericin – co-founder of Reversing Labs – explains:

There are very few protections out there for software developers to make sure that packages they install from these repositories are malware free. There is a huge gap in the market which is being exploited by malware authors.

Nick Marinoff
Nick Marinoffhttps://www.livebitcoinnews.com/
Nick Marinoff is currently a lead news writer and editor for Money & Tech, a San Francisco-based broadcasting station that reports on all things digital currency-related. He has also written for a number of other online and print publications including Black Impact Magazine, EKT Interactive, Seal Beach USA and Benzinga.com, to name a few. He has recently published his first e-book "Take a 'Loan' Off Your Shoulders: 14 Simple Tricks for Graduating Debt Free" now available on Amazon. He is excited about the potential digital currency offers, particularly its ability to finance unbanked populations and bring nations together financially.

Follow us


Most Popular