Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads

June 27, 2024 at 10:39AM P2PInfect, a peer-to-peer botnet, has shifted from being dormant to a financially motivated operation, targeting misconfigured Redis servers with ransomware and cryptocurrency miners. It spreads by transforming victim systems into follower nodes and has been updated to target MIPS and ARM architectures. The malware uses a mesh network to push …

P2Pinfect Worm Now Dropping Ransomware on Redis Servers

June 26, 2024 at 08:08AM The P2Pinfect worm, originally targeting Redis servers, has been modified to include ransomware and cryptocurrency mining payloads. The update poses a heightened threat to Redis servers and was reported by SecurityWeek.

P2PInfect botnet targets Redis servers with new ransomware module

June 25, 2024 at 06:08AM P2PInfect, initially a dormant malware botnet, has become active, deploying ransomware and a cryptominer on Redis servers. Cado Security reports conflicting evidence about its motives and identifies new features such as cron-based persistence mechanisms and SSH lockout. The malware also targets 32-bit MIPS processors. It now poses a genuine threat …

‘P2PInfect’ Worm Grows Teeth With Miner, Ransomware & Rootkit

June 25, 2024 at 06:03AM The previously innocuous Linux botnet "P2PInfect" has transformed into a potent threat, incorporating a rootkit, cryptominer, and ransomware. Its propagation method exploits the Redis database application, primarily impacting East Asia. Organizations worldwide that use Redis are advised to enhance server protection measures against this evolving malware. Detecting its artifacts such as high …

New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices

December 4, 2023 at 06:54AM Cybersecurity experts have uncovered a new version of the P2PInfect botnet targeting routers and IoT devices, now able to infect devices using MIPS architecture. First identified in 2023 exploiting a critical Redis vulnerability, P2PInfect has evolved with evasion tactics and now includes a Windows DLL module, indicating a sophisticated threat …