A new wormable botnet that spreads via GitHub and Pastebin has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Researchers from Juniper Threat Labs documented a crypto-mining campaign called “Gitpaste-12,” which used GitHub to host malicious code containing as many as 12 known attack modules. The attacks occurred during a 12-day period starting from October 15, 2020, before both the Pastebin URL and repository were shut down on October 30, 2020. The second wave of attacks began on November 10 using payloads from a different GitHub repository.
Source: https://thehackernews.com/2020/12/wormable-gitpaste-12-botnet-returns-to.html