National Cyber Warfare Foundation (NCWF)

RedisRaider Linux Cryptojacking Campaign Targets Redis Servers (Campaign)
0 user ratings		2026-01-16 10:45:56
milo
Attacks
RedisRaider begins by indiscriminately scanning the IPv4 space for Redis servers open on port 6379. Upon identifying a target, the malware checks the server OS and uses Redis commands to inject a base64-encoded shell script as a cron job. It writes this payload to disk by reco...

RedisRaider begins by indiscriminately scanning the IPv4 space for Redis servers open on port 6379. Upon identifying a target, the malware checks the server OS and uses Redis commands to inject a base64-encoded shell script as a cron job. It writes this payload to disk by reco...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/redisraider-linux-cryptojacking-campaign-targets-redis-servers

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Attacks


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.