Migo - a Redis Miner with Novel System Weakening Techniques
released on 2024-02-20 @ 05:15:44 PM
A novel malware campaign targeting Redis for initial access was recently encountered. The malware, named Migo, aims to compromise Redis servers in order to mine cryptocurrency on the underlying Linux host. It uses novel Redis system-weakening commands to exploit Redis. Migo is delivered as an obfuscated Golang ELF binary that can persist on Linux hosts. A modified rootkit is deployed to hide processes and artifacts.