The Metasploit Meterpreter installed through the Redis server.

  • AhnLab Security Intelligence Center (ASEC) recently discovered that the Metasploit Meterpreter backdoor malware is being installed through Redis services.
  • Redis is an open-source in-memory data structure store and database, commonly used for caching, session management, message brokering, and queuing.
  • The attackers likely exploited improper configurations or vulnerabilities to execute commands.
  • Redis is widely used worldwide, making it a prime target for attackers.
  • Some of the malware installed through vulnerable Redis services include Kinsing and P2PInfect.

https://asec.ahnlab.com/ko/63614/