12 votes

Supply-chain attack hits RubyGems repository with 725 malicious packages

1 comment

  1. skybrian
    From the article:

    More than 725 malicious packages downloaded thousands of times were recently found populating RubyGems, the official channel for distributing programs and code libraries for the Ruby programming language.

    The malicious packages were downloaded almost 100,000 times, although a significant percentage of those are likely the result of scripts that automatically crawl all 158,000 packages available in the repository, Tomislav Pericin, the cofounder and chief software architect of security firm ReversingLabs, told Ars. All of them originated from just two user accounts: “JimCarrey” and “PeterGibbons.”

    4 votes