HeadCrab: The Stealthy Malware Infiltrating Redis Servers for Cryptomining
HeadCrab mining Monero through Redis servers
Aqua Security researchers have discovered a new malware called HeadCrab that is specifically designed to target vulnerable Redis servers online and use them to mine Monero cryptocurrency.
The malware has infected over a thousand servers since September 2021 and has built a botnet that is undetectable by traditional anti-virus solutions. Redis servers are designed to be used within an organization’s network, and if they are not secured, attackers can easily compromise and hijack them.
HeadCrab malware (Aqua Security)
Cryptomining botnet
The HeadCrab malware provides the attackers with complete control over the targeted server and enables them to add it to their cryptomining botnet.
The malware runs in memory on compromised devices, deletes all logs, and communicates only with other servers controlled by the attackers to evade detection.
The attackers are estimated to be earning an annual profit of around $4,500 per worker, which is much higher than the average earnings of similar operations.
Protection against HeadCrab
To protect Redis servers, administrators are advised to ensure that only clients within their network can access them, disable the “slaveof” feature if it’s unused, and enable protected mode, which restricts the instance to only respond to the loopback address.
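As an added example (not from the original article or from Aqua Security), this Python script audits a `redis.conf` against the three recommendations above. It assumes the replication command is disabled with `rename-command <name> ""`, also checks `REPLICAOF` (the name Redis 5 and later use for `SLAVEOF`), and treats any non-loopback `bind` address as something to review; the sample configurations are constructed.

```python
import ipaddress
import shlex

# Constructed sample configurations (not from the article).
WEAK_CONF = 'bind 0.0.0.0\nprotected-mode no\n'
HARDENED_CONF = ('bind 127.0.0.1 -::1\nprotected-mode yes\n'
                 'rename-command SLAVEOF ""\nrename-command REPLICAOF ""\n')

def _is_loopback(addr):
    try:
        # Redis 6.2+ allows a "-" prefix meaning "ignore if unavailable".
        return ipaddress.ip_address(addr.lstrip("-")).is_loopback
    except ValueError:  # "*", hostnames and similar are not loopback literals
        return False

def audit_redis_conf(text):
    """Return a list of findings for the hardening steps named above."""
    # Assumption: protected-mode defaults to "yes" when the directive is absent.
    bind, protected, disabled = [], "yes", set()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = shlex.split(line)  # keeps the quoted "" argument as ''
        key, args = parts[0].lower(), parts[1:]
        if key == "bind":
            bind = args
        elif key == "protected-mode" and args:
            protected = args[0].lower()
        elif key == "rename-command" and len(args) == 2 and args[1] == "":
            disabled.add(args[0].upper())  # renamed to "" means disabled
    findings = []
    exposed = [a for a in bind if not _is_loopback(a)]
    if not bind:
        findings.append("no bind directive: Redis listens on all interfaces")
    elif exposed:
        findings.append("review non-loopback bind address(es): " + " ".join(exposed))
    if protected != "yes":
        findings.append("protected-mode is not enabled")
    for cmd in ("SLAVEOF", "REPLICAOF"):
        if cmd not in disabled:
            findings.append(cmd + " is not disabled via rename-command")
    return findings

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_redis_conf(conf))
```

A server that legitimately replicates will report the `SLAVEOF`/`REPLICAOF` findings; the article's advice to disable the feature applies only where it is unused.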
Source: bleepingcomputer.com