Tag: Undocumented Breach Methods

New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods
News

New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods

The P2PInfect peer-to-peer (P2) worm has been seen using initial access techniques that weren't previously known to exist to hack into vulnerable Redis servers and integrate them into a botnet. Researchers Nate Bill and Matt Muir of Cado Security stated in a study shared with The Hacker News that "the malware compromises exposed instances of the Redis data store by exploiting the replication feature." "Using a rogue instance to activate replication is a frequent attack method against Redis in cloud environments. By establishing a connection to an exposed Redis instance and issuing the SLAVEOF command, this is accomplished. Palo Alto Networks Unit 42 was the first to identify the Rust-based malware, highlighting its capacity to take advantage of a crucial vulnerability read more N...