Security researchers have identified roughly 760 malicious libraries uploaded by cybercriminals to RubyGems, which contain open source components that are commonly used as building blocks by software developers. The malicious libraries steal Bitcoin, and have been identified in the Ruby programming language codebase.
Threat analysts at ReversingLabs stated that cybercriminals have been using typosquatting to launch their Bitcoin-stealing plans, which is the process of changing a character in a filename or URL in order to fool victims into thinking it’s legitimate. Users who are not observant could accidentally download the malicious file rather than the legitimate one. The RubyGems repository contains roughly 158,000 gems with almost 49 billion downloads.
Read More: Bitcoin Stealers Hide in 700+ Ruby Developer Libraries