Tags
LinuxCloud
ATT&CK Tactic
Persistence (TA0003)
Incidents
Tech
Last edited
Jan 21, 2024 7:16 AM
Status
Stub
About
In the case of the Kiss-a-Dog campaign, this involved installing a Redis server in the background and listening on port 6379 for any incoming connection. The Redis server was used to backdoor the container, where cron jobs were set to run additional scripts for mining and pivoting.