Gitpaste-12 (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

elf.gitpaste12 (Back to overview)

Gitpaste-12

Gitpaste-12 is a modular malware first observed in October 2020 targeting Linux based x86 servers, as well as Linux ARM and MIPS based IoT devices. It uses GitHub and Pastebin as dead drop C2 locations.

References

2020-11-05 ⋅ Juniper ⋅ Alex Burt, Trevor Pott
Gitpaste-12: a new worming botnet with reverse shell capability spreading via GitHub and Pastebin
Gitpaste-12

There is no Yara-Signature yet.

Gitpaste-12 Propose Change

References

Gitpaste-12