The vast majority of Redis servers left open on the Internet without any authentication system in place are most likely harboring malware, Imperva experts say. The company’s experts reached this conclusion after running Redis-based honeypot servers for the last few months. ReddisWannaMine, a botnet operation that was secretly mining cryptocurrency, was discovered in Imperva’s honeypot data. The threat actor behind these attacks is also known to carry out intensive scans for open Redis machines within minutes after being deployed.
Source: https://www.bleepingcomputer.com/news/security/around-75-percent-of-open-redis-servers-are-infected-with-malware/