VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

GemStuffer: RubyGems as a Storage Channel for Scraped UK Council Data

GemStuffer: RubyGems как канал хранения скрапленных данных советов Великобритании

Colleagues, I’d like to draw attention in cybersecurity: the GemStuffer campaign uses RubyGems as a storage channel for data scraped from UK council portals.

Socket has found over 150 packages that wrap ModernGov responses (Lambeth, Wandsworth, Southwark) into .gem files and publish them with embedded API keys.

Mechanism: page collection, creation of valid .gem packages and publication — via temporary credentials in /tmp or directly via API; content can be retrieved via gem fetch.

Recommendations: audit and rotate registry keys, monitor for unexpected publications, secure CI and restrict publish permissions.

Why it matters: package registries can serve as covert repositories for exfiltrated data.

How do you protect your package publishing process?

#cybersecurity #supplychain #RubyGems #infosec

Latest comments

No comments yet.