rubygems

RubyGems Bitcoin Stealing Malware postmortem 1

RubyGems Bitcoin Stealing Malware postmortem

Introduction On the 7th and 13th of December, there were two malicious packages uploaded to RubyGems. Here’s the postmortem and analysis of the packages’ content. Diffend.io platform that I run closely cooperates with the RubyGems team, providing immediate insights into any gems that have “weird” characteristics. Thanks to that, the gems were yanked relatively fast. …

RubyGems Bitcoin Stealing Malware postmortem Read More »

How to take over a Ruby gem and what to do with it / RubyKaigi 2019 presentation

Using Ruby gems is safe, right? We’re a nice community of friendly beings that act towards the same goal: making Ruby better. But is that true? Can we just blindly use libraries, without making sure, that they are what they are supposed to be? Learn how you can take over a gem, what you can …

How to take over a Ruby gem and what to do with it / RubyKaigi 2019 presentation Read More »