Gitpaste-12 Worm Targets Linux Servers, IoT Devices

Gitpaste-12 Worm Targets Linux Servers, IoT Devices

The newly discovered malware uses GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors. Gitpaste-12 Worm Targets Linux Servers, IoT Devices

The newly discovered malware uses GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors.

Researchers have uncovered a new worm targeting Linux based x86 servers, as well as Linux internet of things (IoT) devices (that are based on ARM and MIPS CPUs).

Of note, the malware utilizes GitHub and Pastebin for housing malicious component code, and has at least 12 different attack modules available – leading researchers to call it “Gitpaste-12.” It was first detected by Juniper Threat Labs in attacks on Oct. 15, 2020.

“No malware is good to have, but worms are particularly annoying,” said researchers with Juniper Threat Labs  in a Thursday post. “Their ability to  spread in an automated fashion can lead to lateral spread within an organization or to your hosts attempting to infect other networks across the internet, resulting in poor reputation for your organization.”

The first phase of the attack is the initial system compromise. The malware’s various attack modules include 11 previously-disclosed vulnerabilities. That includes flaws in  Apache Struts (CVE-2017-5638), Asus routers (CVE-2013-5948), Webadmin plugin for opendreambox (CVE-2017-14135) and  Tenda routers (CVE-2020-10987).

The malware will attempt to use known exploits for these flaws to compromise systems and may also attempt to brute force passwords, said researchers. After compromising a system, a main shell script is then uploaded to the victim machine, and starts to download and execute other components of Gitpaste-12.

hacks botnet github linux worm

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Ethical Hacking using Kali Linux | Ethical Hacking Tutorial

This Edureka "Ethical Hacking using Kali Linux" video will give you an introduction to Ethical Hacking and Kali Linux. This video will give you an exhaustive video on the fundamentals of Kali Linux and teach how to use the operating system along with its various tools

Learn Ethical Hacking using Kali Linux | Ethical Hacking Tutorial

Ethical Hacking using Kali Linux will help you understand all about penetration testing, its methodologies, and tools.

Learn Ethical Hacking using Kali Linux | Ethical Hacking Tutorial

This Edureka video on "Ethical Hacking using Kali Linux " will help you understand all about penetration testing, its methodologies, and tools.

How to Compare Multiple GitHub Projects with Our GitHub Stats tool

In this article we are going to compare three most popular machine learning projects for you.

Hire Dedicated Linux Developer

Looking to develop real-time applications? **[Hire Dedicated Linux Developer](https://hourlydeveloper.io/hire-dedicated-linux-developer/ "Hire Dedicated Linux Developer")** from **[HourlyDeveloper.io](https://hourlydeveloper.io/...