The Redigo backdoor is written in the Go programming language and targets Redis servers vulnerable to a Lua scripting engine defect.
The flaw is tracked as CVE-2022-0543 and allows a remote attacker to execute arbitrary commands.
The threat actor behind the attack attempted to hide communication by sending data from the malware to command-and-control servers over Redis port 6379.
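
From the defender's side, that pattern shows up as a Redis server itself opening outbound connections to port 6379 on hosts that are not its known peers. The detection check below is an added example, not taken from the original report; the flow-record format, the Redis host inventory and the approved-peer networks are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

REDIS_PORT = 6379

# Constructed sample flow records (assumed format):
# timestamp src_ip src_port dst_ip dst_port bytes_out
SAMPLE_FLOWS = """\
2024-01-01T10:00:01Z 10.0.1.20 51544 10.0.1.10 6379 1820
2024-01-01T10:00:05Z 10.0.1.10 40112 10.0.1.11 6379 9041
2024-01-01T10:02:13Z 10.0.1.10 40977 203.0.113.45 6379 48211
2024-01-01T10:02:40Z 10.0.1.10 41002 198.51.100.7 443 512
malformed line
2024-01-01T10:03:02Z 10.0.1.11 38810 203.0.113.45 6379 120
"""

# Hypothetical inventory: hosts that run Redis, and networks holding
# their legitimate peers (for example replicas of the same deployment).
REDIS_SERVERS = {"10.0.1.10", "10.0.1.11"}
APPROVED_PEERS = [ipaddress.ip_network("10.0.1.0/24")]

@dataclass(frozen=True)
class Flow:
    ts: str
    src: str
    dst: str
    dport: int
    bytes_out: int

def parse_flow(line):
    """Parse one flow record; return None for malformed input."""
    parts = line.split()
    if len(parts) != 6:
        return None
    try:
        src = ipaddress.ip_address(parts[1])
        dst = ipaddress.ip_address(parts[3])
        return Flow(parts[0], str(src), str(dst), int(parts[4]), int(parts[5]))
    except ValueError:
        return None

def suspicious_redis_egress(text, redis_servers, approved_peers):
    """Flows where a Redis host initiates traffic to 6379 outside approved peers."""
    hits = []
    for flow in filter(None, map(parse_flow, text.splitlines())):
        if flow.src not in redis_servers or flow.dport != REDIS_PORT:
            continue  # inbound client traffic or unrelated egress
        dst = ipaddress.ip_address(flow.dst)
        if not any(dst in net for net in approved_peers):
            hits.append(flow)
    return hits
```

On the constructed sample, the inbound client connection and the connection between the two Redis hosts are ignored, while both connections to 203.0.113.45:6379 are reported.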