RubyGems typosquatting attack hits Ruby developers with trojanized packages
Over 700 malicious packages with names similar to legitimate ones have been uploaded to RubyGems, a popular repository of third-party components for the Ruby programming language. The upload took place over the course of a week in February, researchers report. The rogue packages contained a malicious script that, when executed on Windows computers, hijacked cryptocurrency transactions by replacing the recipient’s wallet address with one controlled by the attacker.
Source:: IT news – Security