Security News > 2020 > November > Gitpaste-12 Worm Targets Linux Servers, IoT Devices
Researchers have uncovered a new worm targeting Linux based x86 servers, as well as Linux internet of things devices.
Of note, the malware utilizes GitHub and Pastebin for housing malicious component code, and has at least 12 different attack modules available - leading researchers to call it "Gitpaste-12." It was first detected by Juniper Threat Labs in attacks on Oct. 15, 2020.
"The malware chooses a random /8 CIDR for attack and will try all addresses within that range," according to researchers.
Classless Inter-Domain Routing is a method for allocating IP addresses and for IP routing - meaning that the attack targets all IP addresses within the random CIDR's range.
Several new worms have popped up in 2020 so far, including the Golang worm, which is aimed at installing cryptominers, and recently changed up its tactics to add attacks on Windows servers and a new pool of exploits to its bag of tricks.
News URL
https://threatpost.com/gitpaste-12-worm-linux-servers-iot-devices/161016/