The Gitpaste-12 worm has returned in new attacks targeting web applications, IP cameras and routers. Researchers have uncovered a new slew of attacks by the malware, starting on Nov. 10. Researchers discovered that the binary harbored exploits for at least 31 known vulnerabilities only seven of which were also seen in the previous sample. Researchers said the malware installs Monero cryptomining software, installs the appropriate version of the worm and opens a backdoor to listen to ports 30004 and 30006. The worm also attempts to compromise open Android Debug Bridge connections and existing malware backdoors.
Source: https://threatpost.com/gitpaste-12-worm-widens-exploits/162290/