Security News > 2020 > November > Reverse shell botnet Gitpaste-12 spreads via GitHub and Pastebin
2020-11-06 04:22
A newly discovered worm and botnet named Gitpaste-12 lives on GitHub and also uses Pastebin to host malicious code.
The advanced malware comes equipped with reverse shell and crypto-mining capabilities and exploits over 12 known vulnerabilities, therefore the moniker.
Gitpaste-12 was first detected by Juniper Threat Labs lurking on GitHub around October 15th. However, commits reveal the malware has lived on GitHub since Jul 9th, 2020 until it was taken down on Oct 30th, 2020.
Further, the malware downloads the main shell script from GitHub.
Juniper's report on a sophisticated malware present on GitHub follows shortly after Octopus Scanner had been discovered infiltrating over 26 open-source GitHub projects.