The malicious "rustdecimal" crate

by corbet from LWN.net on (#5Z3ZP)
The Rust Blog warns developers of a malicious crate named rustdecimal, which was evidently targeted at GitLab users who mistype rust_decimal.

The crate contained identical source code and functionality as the legit rust_decimal crate, except for the Decimal::new function.

When the function was called, it checked whether the GITLAB_CI environment variable was set, and if so it downloaded a binary payload into /tmp/git-updater.bin and executed it. The binary payload supported both Linux and macOS, but not Windows.
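The name confusion described above (rustdecimal versus rust_decimal) can be checked for in a project's Cargo.lock. The following is an added example, not code from the Rust Blog or LWN: it flags locked packages whose names match an expected crate once case and the `-`/`_` separators are ignored. The function names, the sample lockfile and the expected-crate list are assumptions made for illustration.

```rust
use std::collections::HashMap;

/// Collapse case and the '-'/'_' separators a lookalike name drops or swaps.
fn normalize(name: &str) -> String {
    name.chars().filter(|c| *c != '-' && *c != '_').flat_map(|c| c.to_lowercase()).collect()
}

/// Package names from Cargo.lock text: `name = "..."` lines inside [[package]] tables.
fn locked_packages(lock: &str) -> Vec<String> {
    let mut names = Vec::new();
    let mut in_package = false;
    for line in lock.lines().map(str::trim) {
        if line.starts_with('[') {
            in_package = line == "[[package]]";
        } else if let (true, Some(rest)) = (in_package, line.strip_prefix("name = \"")) {
            names.extend(rest.strip_suffix('"').map(str::to_string));
        }
    }
    names
}

/// (locked name, expected name) pairs that differ only by separators or case.
fn find_lookalikes(lock: &str, expected: &[&str]) -> Vec<(String, String)> {
    let by_norm: HashMap<String, &str> = expected.iter().map(|e| (normalize(e), *e)).collect();
    locked_packages(lock)
        .into_iter()
        .filter_map(|name| match by_norm.get(&normalize(&name)) {
            Some(want) if *want != name => Some((name, want.to_string())),
            _ => None,
        })
        .collect()
}

// Constructed sample lockfile (hypothetical project, placeholder versions).
const SAMPLE_LOCK: &str = r#"
[[package]]
name = "rustdecimal"
version = "0.0.0"

[[package]]
name = "serde"
version = "0.0.0"
"#;

fn main() {
    // The expected list is an assumption: the crates this project means to use.
    for (found, want) in find_lookalikes(SAMPLE_LOCK, &["rust_decimal", "serde"]) {
        println!("lookalike dependency: {} (expected {})", found, want);
    }
}
```

Run as a CI step before the build, a non-empty result is a reason to stop and review the dependency by hand.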
