Warning: Some posts on this platform may contain adult material intended for mature audiences only. Viewer discretion is advised. By clicking ‘Continue’, you confirm that you are 18 years or older and consent to viewing explicit content.
P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers.
Our prod exposed Redis until I noticed. Apparently we had to reset caches after releases, and our devOPs forgot to remove access to it after creating scripts to handle that.
It happens, but it really shouldn’t. At least ours was at a different subdomain (something like app-region-redis.domain.com or whatever).
😭 why though? I assume that if you are smart enough to setup redis, you’d be smart enough to use VPNs (or similar) as to never expose it
Our prod exposed Redis until I noticed. Apparently we had to reset caches after releases, and our devOPs forgot to remove access to it after creating scripts to handle that.
It happens, but it really shouldn’t. At least ours was at a different subdomain (something like app-region-redis.domain.com or whatever).