Ruby on Rails servers - A new malware target

Server admins are being urged to update their Ruby On Rails servers after the discovery of an active malware campaign targeting vulnerable versions of the web development framework. The exploit is used by attackers to add a custom scheduled task that executes a sequence of commands, which includes the ability to download and execute files as needed. Once compromised, these servers report back to listen for further instructions on an IRC channel. Any enthusiastic attacker could take control of them by issuing appropriate commands.

Takeaway: Users should update Ruby on Rails installations on their servers to the latest version that contains the patch for this vulnerability. Besides upgrading, users should regularly scan their servers for new and upcoming vulnerabilities for various software components.