A newly discovered worm and botnet named Gitpaste-12 lives on GitHub and also uses Pastebin to host malicious code. The advanced malware comes equipped with reverse shell and crypto-mining capabilities and exploits over 12 known vulnerabilities. The worm attempts to crack passwords via brute-force and exploits known vulnerabilities on the systems it infects. The malware is designed to attack cloud computing infrastructure provided by Alibaba Cloud and Tencent, state Juniper Threat Labs researchers. Some of the commands and hostnames present in the script reveal some compromised systems had TCP ports 30004 and 30005 open for receiving commands via reverse shells.
Source: https://www.bleepingcomputer.com/news/security/reverse-shell-botnet-gitpaste-12-spreads-via-github-and-pastebin/