Novel Worm-Like Malware P2Pinfect Targets Redis Deployments
Cado Security said the malware acts as a botnet and is compatibille with both Windows and Linux
The Worm tag covers self-spreading malware that can spread rapidly, plus reported incidents, technical analysis, disruption efforts, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
Worms are malware programs that replicate and spread between systems without needing to attach to another file. They may move through exploitable network services, vulnerable applications, removable media, or other connected paths; the route depends on the family. Their defining concern is rapid propagation: one compromised host can seed many others, causing outages or resource exhaustion and, in some cases, delivering additional code or enabling unauthorized access.
Security teams should assess worm reports alongside the affected software and exposure details. Priorities include applying patches or mitigations, disabling unnecessary services, and segmenting networks to limit movement. Monitor for unusual scanning, repeated connection attempts, and clusters of similar infections. During an incident, isolate affected systems, restrict relevant communications where practical, preserve forensic evidence, and verify that vulnerable hosts are remediated before reconnecting them.
Cado Security said the malware acts as a botnet and is compatibille with both Windows and Linux
The revival of the beloved online multiplayer video game was short-lived once players detected unusual activity and behavior that portended malware.
Threat actors are actively targeting exposed instances of the Redis open-source data store with a peer-to-peer self-replicating worm with versions for both Windows and Linux that the malware authors named P2Pinfect. [...]
The P2PInfect peer-to-peer (P2) worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet