New findings were published today on the “Gitpaste-12” worm, which uses GitHub and Pastebin to store component code and has at least 12 different attack modules available to exploit a range of vulns. It relies on GitHub and Pastebin to download payloads, two sites that aren’t usually blocked and their connection is encrypted, making it more difficult for traditional security measures to block this attack. Current targets are Linux based x86 servers, and Linux ARM and MIPS based IoT devices.
Juniper Threat Labs: Gitpaste-12: a new worming botnet with reverse shell capability spreading via GitHub and Pastebin – Gitpaste-12: a new worming botnet with reverse shell capability spreading via GitHub and Pastebin
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
