Security News

Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining
2024-03-06 16:58

Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to...

Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware
2024-03-06 12:09

Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the discovery and compromise of the hosts. According to the researchers, the hackers deploy a set of four novel Golang payloads that are responsible for identifying and exploiting hosts running services for Hadoop YARN, Docker, Confluence, and Redis.

New Migo malware disables protection features on Redis servers
2024-02-20 19:38

Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called 'Migo' to mine for cryptocurrency. Hackers are always looking for exposed and potentially vulnerable Redis servers to hijack resources, steal data, and other malicious purposes.

New Migo Malware Targeting Redis Servers for Cryptocurrency Mining
2024-02-20 15:20

A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves...

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
2024-02-01 11:22

Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021. The development, which...

New SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers
2023-08-07 09:52

Vulnerable Redis services have been targeted by a "New, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave security researcher Radoslaw Zdonczyk said in an analysis published last week.

P2PInfect server botnet spreads using Redis replication feature
2023-07-31 15:31

Threat actors are actively targeting exposed instances of SSH and Redis Redis open-source data store with a peer-to-peer self-replicating worm with versions for both Windows and Linux that the malware authors named P2Pinfect. After compromising a vulnerable Redis instance with an initial payload, P2PInfect downloads new OS-specific scripts and malicious binaries and adds the server to its list of infected systems.

New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods
2023-07-31 13:38

The P2PInfect peer-to-peer worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet. "The malware compromises exposed instances of the Redis data store by exploiting the replication feature," Cado Security researchers Nate Bill and Matt Muir said in a report shared with The Hacker News.

New P2PInfect worm malware targets Linux and Windows Redis servers
2023-07-20 12:02

Earlier this month, security researchers discovered a new peer-to-peer malware with self-spreading capabilities that targets Redis instances running on Internet-exposed Windows and Linux systems. The Unit 42 researchers who spotted the Rust-based worm on July 11 also found that it hacks into Redis servers that have been left vulnerable to the maximum severity CVE-2022-0543 Lua sandbox escape vulnerability.

New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems
2023-07-20 06:12

Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation. "P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than other worms," Palo Alto Networks Unit 42 researchers William Gamazo and Nathaniel Quist said.