Cryptojacking Scripts Found in 11 Open-Source Code Libraries

Malicious Cryptojacking Cryptojacking Cryptojacking is defined as the unauthorized use of an individual’s computer to mine cryptocurrency. Hackers accomplish this feat by through several means.This includes obtaining access via malicious links in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.Consequently, this crypto mining code is able to work out of sight of unsuspecting victims, often without notice. The on Cryptojacking is defined as the unauthorized use of an individual’s computer to mine cryptocurrency. Hackers accomplish this feat by through several means.This includes obtaining access via malicious links in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.Consequently, this crypto mining code is able to work out of sight of unsuspecting victims, often without notice. The on Read this Term scripts have been found in 11 open-source code libraries of the widely used programming language Ruby.

According to a Decrypt report, the malware was discovered on Tuesday inside the Github code repository, infecting the language manager called RubyGems.

Though the actual number of victims is not known yet, it can be anticipated that thousands of computers are infected.

According to the report, the hackers downloaded the popular code libraries from RubyGems and uploaded them again under new names after infecting them with malicious pieces of code.

“On August 19, @juskoljo observed the malicious gem version and created this issue. Later that day, the RubyGems security team yanked the offending gem version and locked the affected maintainer's account. Several other gems were similarly affected,” GitHub user Juskoljo stated.

A nifty way to spread malware

Out of the eleven libraries, five were directly related to crypto with names including doge_coin, coin_base, and blockchain_wallet. These libraries were downloaded more than a thousand times.

Uploaded in early July, the infected version of coin_base was downloaded 424 times, being the most downloaded library, followed by blockchain_wallet with 423 downloads. In total, the eleven libraries were downloaded over 3500 times.

Cryptojacking is one of the most common crimes using digital currencies. Perpetrators usually inject malicious codes to victims' computers by various techniques and use their computers’ processing power to mine digital currencies. Though several Cryptocurrencies Cryptocurrencies By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw Read this Term can be mined using CPU-power, Monero is the most favored digital coin for these hackers.

Last year, security company McAfee reported that cryptojacking activities soared by 4,000 percent in 2018 alone. However, the increasing trend is now going the other way, according to a recent report Check Point Security.

Last week, Finance Magnates reported that a newly discovered crypto-mining malware called Norman is infecting the computers of medium-sized companies and is also hiding the mining process from the Task Manager when it is opened.