HeadCrab 2.0: Evolving Threat in Redis Malware Landscape

Aqua Nautilus researchers describe HeadCrab 2.0, a more advanced Redis-targeting malware that replaces on-disk payloads with a fileless loader and hides C2 by hijacking the standard Redis MGET command; the report details hooking techniques, detection workarounds, a global scan that identified roughly 1,100 additional compromised servers (nearly doubling prior counts), and recommendations for evolving detection and monitoring.