#MigoMalware – Xynik

Redis Servers Targeted With New ‘Migo’ Malware

February 21, 2024 by Xynik

February 21, 2024 at 07:45AM New malware targets Redis servers with a user mode rootkit and cryptocurrency miners, bypassing security measures and deploying a Golang-based malware ‘Migo’. The attacks utilize persistence mechanisms, rootkit ‘libprocesshider’, and obfuscation to evade detection. Threat actors demonstrate evolving capabilities with both established and new techniques targeting Redis servers. Key takeaways … Read more

New Migo malware disables protection features on Redis servers

February 20, 2024 by Xynik

February 20, 2024 at 02:44PM Researchers discovered a new malware campaign targeting Linux-based Redis servers, using a piece of malware called ‘Migo’ to mine for cryptocurrency. Migo disables key security features of Redis, allowing attackers to run cryptojacking activities. It also establishes persistence for a Monero miner, uses a rootkit for concealment, and manipulates system … Read more