"P2P Self-Replicating Cloud Worm Targets Redis"

Researchers have discovered a cross-platform, Rust-based, peer-to-peer (P2) worm that targets the Redis open source database application, specifically containers in the cloud. Palo Alto Network's Unit 42 released a report naming the cloud malware "P2PInfect." Due to its command-and-control (C2) network and mentions of "miner," the team suspects it may be the initial phase of a larger cryptomining operation. While the Unit 42 team discovered more than 300,000 Redis systems online, only 934 of those systems were vulnerable to the P2PInfect worm. The team reported that vulnerable Redis systems lack a patch for the Lua sandbox escape vulnerability, tracked as CVE-2022-0543, with a CVSS severity rating of 10 out of 10. This article continues to discuss the P2 worm targeting the Redis open source database application.

Dark Reading reports "P2P Self-Replicating Cloud Worm Targets Redis"