Gitpaste Worm

The newly discovered Gitpaste-12 worm exploits GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors.


Researchers have uncovered a new worm targeting Linux based x86 servers, as well as Linux internet of things (IoT) devices (that are based on ARM and MIPS CPUs).

Of note, the malware utilizes GitHub and Pastebin for housing malicious component code, and has at least 12 different attack modules available – leading researchers to call it “Gitpaste-12.” It was first detected by Juniper Threat Labs in attacks on Oct. 15, 2020.

“No malware is good to have, but worms are particularly annoying,” said researchers with Juniper Threat Labs in a Thursday post. “Their ability to spread in an automated fashion can lead to lateral spread within an organization or to your hosts attempting to infect other networks across the internet, resulting in poor reputation for your organization.”