Tuesday, 17 July 2018
RedisWannaMine: Complex New Cryptojacking Attack Discovered

Cryptojacking attacks have recently been spreading like wildfire, and Imperva has observed that they account for roughly 90% of all remote code execution attacks in web applications. This week, however, a new generation of cryptojacking attack was discovered that targets both database servers and application servers.

Researchers from Imperva discovered the extremely complex cryptojacking attack dubbed RedisWannaMine, which is powered by Redis and NSA exploits and aimed at both database servers and application servers.

RedisWannaMine is more complex in terms of evasion techniques and capabilities. It demonstrates worm-like behavior combined with advanced exploits to increase the attackers’ infection rate and fatten their wallets.

In a nutshell, cryptojacking attackers have upped their game and they are getting crazier by the minute!

To protect against the attack, Imperva recommends the following:

  • Protect your web applications and databases. The initial attack vector was introduced through a web application vulnerability. A properly patched application or an application protected by a WAF should be safe.
  • Make sure you don’t expose your Redis servers to the world. This can be achieved with a simple firewall rule.
  • Make sure you don’t run machines with the vulnerable SMB version in your organization. You can use this awesome tool to check it.
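
A config audit for the Redis recommendation above, as an added example that is not from Imperva or the original article: it reads the text of a `redis.conf` and flags non-loopback `bind` addresses, a disabled `protected-mode` and a missing `requirepass`. Both sample configs and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample configs for illustration; not taken from any real host.
EXPOSED_CONF = """\
bind 0.0.0.0 ::1
protected-mode no
port 6379
# requirepass changeme
"""
HARDENED_CONF = """\
bind 127.0.0.1 -::1
protected-mode yes
requirepass "constructed-long-random-secret"
"""

def parse_conf(text):
    """Map each directive to its arguments; the last occurrence wins."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            name, *args = line.split()
            conf[name.lower()] = args
    return conf

def is_loopback(addr):
    """True only for literal loopback IPs; wildcards and hostnames are not."""
    try:
        return ipaddress.ip_address(addr.lstrip("-")).is_loopback
    except ValueError:
        return False

def audit(text):
    """Return a list of findings; an empty list means no exposure was found."""
    conf = parse_conf(text)
    if conf.get("port") == ["0"]:  # port 0 disables the TCP listener
        return []
    findings = []
    if "bind" not in conf:
        findings.append("no bind directive: listens on all interfaces")
    else:
        public = [a for a in conf["bind"] if not is_loopback(a)]
        if public:
            findings.append("non-loopback bind: " + " ".join(public))
    if conf.get("protected-mode") == ["no"]:
        findings.append("protected-mode disabled")
    if not conf.get("requirepass"):
        findings.append("no requirepass set")
    return findings

if __name__ == "__main__":
    for label, conf in (("exposed", EXPOSED_CONF), ("hardened", HARDENED_CONF)):
        print(label, audit(conf) or "OK")
```

A clean result only describes the config file; the firewall rule the list recommends still has to be checked on the host or network edge.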

 

About Dean Alvarez

Dean is Features Editor at IT Security Guru. Aside from cyber security and all things tech, Dean's interests include wine tasting, roller blading and playing the oboe in his Christian rock band, Noughts & Crosses.

You can reach Dean via email - dean@itsecurityguru.org