Best Top Reviews Online

Redis Vulnerability Exploited By Hackers To Deploy New Redigo Malware On Servers

An undocumented Go-based malware is targeting Redis servers to seize control of the infected systems and likely build a botnet.

According to cloud security firm Aqua, the attacks deploy Redigo by exploiting a critical security vulnerability in the open source, in-memory, key-value store that was disclosed earlier this year.

The vulnerability, identified as CVE-2022-0543 (CVSS score: 10.0), is a sandbox escape in the Lua scripting engine that could be exploited for remote code execution.

This is not the first time the vulnerability has been actively exploited; Juniper Threat Labs discovered arbitrary command execution attacks perpetrated by the Muhstik botnet in March 2022.

The Redigo infection chain is similar: adversaries scan for exposed Redis servers on port 6379 to gain initial access, and then download the shared library “exp_lin.so” from a remote server.

This library file contains an exploit for CVE-2022-0543 that executes a command to retrieve Redigo from the same server, in addition to simulating legitimate Redis cluster communication over port 6379 to conceal its activity.

“The dropped malware mimics Redis server communication, enabling adversaries to conceal communications between the targeted host and the C2 server,” explained Aqua researcher Nitzan Yaakov.

It is unknown what the ultimate objective of the attacks is, but it is suspected that compromised hosts could be co-opted into a botnet to facilitate DDoS attacks or used to steal sensitive information from the database server to expand their reach.


The above article was written by the BestTopReviewsOnline team, which consists of some of the most knowledgeable technical experts in the United States. Our team consists of highly regarded writers with vast experience in smartphones, computer components, technology apps, security, and photography, among other fields.
