Cybersecurity researchers highlight multiple campaigns that exploit known vulnerabilities to put Redis servers and IoT devices to malicious use in botnets, proxies, and crypto mining. This evolving threat landscape emphasizes stealthy monetization strategies and sophisticated malware like Gayfemboy and TA-NATALSTATUS.
Key points
- Cybercriminals exploit CVE-2024-36401 to deploy SDKs for passive income via bandwidth sharing.
- GeoServer instances are targeted, with over 7,100 exposed across 99 countries, mainly in China, the US, and Europe.
- The PolarEdge botnet leverages IoT devices to create encrypted command-and-control infrastructure.
- Malware like Gayfemboy targets multiple architectures, incorporating evasion and DDoS capabilities.
- Cryptojacking campaigns involve exploiting Redis servers using stealthy scripts and persistence techniques.
Read More: https://thehackernews.com/2025/08/geoserver-exploits-polaredge-and.html