"A New Sophisticated SkidMap Variant Targets Unsecured Redis Servers"
A malicious campaign is targeting Redis servers with a new variant of the SkidMap malware. SkidMap is cryptocurrency mining malware that Trend Micro discovered in September 2019, when it was targeting Linux machines. The malicious code evaded detection by using kernel-mode rootkits, and it differs from similar cryptocurrency miners in that it loads malicious kernel modules. Researchers at Trustwave discovered a new, enhanced, and dangerous SkidMap variant designed to target a variety of Linux distributions, including Alibaba, Anolis, openEuler, EulerOS, Steam, CentOS, RedHat, and Rock. This variant was observed to target only open Redis instances (so-called 'NO AUTH'); the researchers did not observe brute-force attacks. This article continues to discuss the new sophisticated SkidMap variant involved in a campaign targeting Redis servers.
Security Affairs reports "A New Sophisticated SkidMap Variant Targets Unsecured Redis Servers"