The P2PInfect peer-to-peer (P2) worm has been seen using initial access techniques that weren’t previously known to exist to hack into vulnerable Redis servers and integrate them into a botnet.
Researchers Nate Bill and Matt Muir of Cado Security stated in a study shared with The Hacker News that “the malware compromises exposed instances of the Redis data store by exploiting the replication feature.”
“Using a rogue instance to activate replication is a frequent attack method against Redis in cloud environments. By establishing a connection to an exposed Redis instance and issuing the SLAVEOF command, this is accomplished.
Palo Alto Networks Unit 42 was the first to identify the Rust-based malware, highlighting its capacity to take advantage of a crucial vulnerability read more New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.