Analyzing The Migo Redis Miner System Weakening Techniques
"Researchers have identified a malware campaign targeting Redis servers for initial access. Unlike previous exploits focusing on Linux and cloud environments this campaign employs novel techniques directly against the Redis data store. Named ""Migo"" by its developers the malware aims to hijack Redis servers to mine cryptocurrency on the underlying Linux host. It utilizes specific commands to weaken Redis and execute a cryptojacking attack. Migo is distributed as a Golang ELF binary with compile-time obfuscation and the ability to persist on Linux hosts. Additionally it deploys a modified version of a popular user-mode rootkit to conceal processes and on-disk artifacts."