Two Laced Ransomware Gems Discovered in the RubyGems Repository - Cybers Guards
The two gems, pretty-color and ruby-bitcoin, contained malware targeting Windows machines that was designed to replace any cryptocurrency wallet address on the clipboard with an attacker-supplied one. By replacing the wallet addresses, the malware helps the attackers hijack transactions and steal funds from the victim. While investigating the two gems, Sonatype, a software development and security company, found that pretty-color contained legitimate colorize files, a trusted open source component, which made it more difficult to detect....