A previously documented cryptomining worm dubbed Gitpaste-12 has returned with a wide-ranging series of attacks targeting web applications and IoT devices. The latest version of the worm exploits at least 31 vulnerabilities, Juniper Threat Labs says. The operators behind the worm were also using legitimate services, such as GitHub and Pastebin, to help hide the malware’s infrastructure. The worm also attempts to compromise open Android Debug Bridge connections and existing malware backdoors, the report says. Researchers also found a repository of new attacks vectors in one of malware’s variants that they examined.”]
Source: https://www.govinfosecurity.com/cryptomining-worm-now-targets-web-apps-iot-devices-a-15622