Backdoor code found in 11 Ruby libraries (ZDNet)

ZDNet reports
on the discovery of a set of malicious libraries in the RubyGems
repository. “The individual behind this scheme was active for more than a month, and their actions were not detected.

Things changed when the hacker managed to gain access to the RubyGems account of one of the rest-client developers, which he used to push four malicious versions of rest-client on RubyGems.

However, by targeting such a high-profile project that has over 113 million total downloads on RubyGems, the hacker also brought a lot of light to their operation, which was taken down within a few hours after users first spotted the malicious code in the rest-client library.“

Source: LWN.net – Backdoor code found in 11 Ruby libraries (ZDNet)

Prime-WoW

My site, my way, no big company can change this

Backdoor code found in 11 Ruby libraries (ZDNet)