Alert: RubyGems' 11 Ruby libraries contain backdoor code for mining or stealing coins

According to the slow fog August 21 news, the maintainer of the RubyGems package repository has extracted 18 malicious files containing backdoor code from 11 Ruby libraries and captured malicious code that was launched in other people's Ruby projects. The hidden cryptocurrency mining program! Used to mine cryptocurrency or stolen money. The malicious code was first discovered yesterday in four versions of rest-client, a very popular Ruby library. According to analysis by Dutch Ruby developer Jan Dintel, the malicious code found in rest-client collects and sends the URL and environment variables of the infected system to a remote server in Ukraine. The code also includes a backdoor mechanism that allows an attacker to maliciously command.