Researchers Find Over 6,000 Compromised Redis Installations

An anonymous Slashdot reader writes:
Security researchers have discovered over 6,000 compromised installations of Redis, the open source in-memory data structure server, among the tens of thousands of Redis servers indexed by Shodan. “By default, Redis has no authentication or security mechanism enabled, and any security mechanisms must be implemented by the end user.”

The researchers also found 106 different Redis versions compromised, suggesting “there are a lot of Redis installations that are not upgrading to the most recent versions to fix any known security issues.” 5,892 infections were linked to the same email address, with two more email addresses that were both linked to more than 200. “The key take away from this research for us has been that insecure default installations continue to be a significant issue, even in 2016.”
Redis “is designed to be accessed by trusted clients inside trusted environments,” according to its documentation. “This means that usually it is not a good idea to expose the Redis instance directly to the internet or, in general, to an environment where untrusted clients can directly access the Redis TCP port or UNIX socket… Redis is not optimized for maximum security but for maximum performance and simplicity.”


Share on Google+

Read more of this story at Slashdot.

Clip to Evernote

Leave a Reply

Your email address will not be published. Required fields are marked *