eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Security experts have uncovered a new malware campaign, RedisRaider, that targets misconfigured Redis servers to secretly mine cryptocurrency. The malware, written in Go, spreads aggressively by exploiting weak Redis configurations, ultimately deploying the XMRig Monero miner on compromised Linux systems.
Datadog Security Labs discovered the campaign and described it as a highly evasive operation using advanced obfuscation techniques to avoid detection.
How it works: Scanning, exploiting, and mining
The attack starts with a custom-built scanner that randomly searches the internet for Redis servers running on…