Migo Targets Redis Servers for Cryptojacking Attacks

Summary:

A new campaign has been uncovered that mines cryptocurrencies on Redis servers running Linux hosts by means of a malicious programme known as “Migo.” Migo is distributed as a Golang ELF binary that can persist on Linux hosts and is obfuscated at compile time. The malware uses a variety of commands to leverage Redis and initiate a cryptojacking attack.

Threat Level – Amber | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.