The newly discovered malware uses GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors. It was first detected by Juniper Threat Labs in attacks on Oct. 15, 2020. The malware s various attack modules include 11 previously-disclosed vulnerabilities. Researchers said they reported the Pastebin URL, as well as the Git repo that downloads malicious scripts for the malware, to stop the spread of the botnet. The worm also has commands that disable cloud security agents, which clearly indicates the threat actor intends to target public cloud computing infrastructure provided by Alibaba Cloud and Tencent
Source: https://threatpost.com/gitpaste-12-worm-linux-servers-iot-devices/161016/