From Dormant to Dangerous: P2Pinfect Evolves to Deploy New Ransomware and Cryptominer
released on 2024-06-27 @ 08:14:55 AM
P2Pinfect is a sophisticated malware that utilizes a peer-to-peer botnet for command and control. Initially appearing dormant, it has evolved to deploy ransomware and cryptominer payloads. The malware spreads via exploiting Redis and limited SSH capabilities. A recent update introduced a new ransomware payload that encrypts files with specific extensions, while a cryptominer targets system resources. Additionally, a usermode rootkit component aims to hide malicious processes, albeit with limitations regarding initial access permissions.