Gitpaste-12 malware wants to add your Linux servers and IoT devices to its botnet


A new form of malware is targeting Linux servers and Internet of Things (IoT) devices and adding them to a botnet in what appears to be the first stage of a hacking campaign targeting cloud computing infrastructure – although the purpose of the attacks remains unclear.

Uncovered by cybersecurity researchers at Juniper Threat Labs, the malicious worm has been dubbed Gitpaste-12, reflecting on how it uses GitHub and Pastebin for housing component code and has 12 different means of compromising Linux based x86 servers, as well as Linux ARM and MIPS based IoT devices.

These include 11 known vulnerabilities in technology including Asus, Huawei and Netlink routers as well as the likes of MongoDB and Apache Struts as well as the ability to compromise systems by using brute force attacks to crack default or common usernames and passwords.

Read more…
Source: ZDNet