Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that’s targeting publicly accessible Redis servers.

The malicious activity has been codenamed RedisRaider by Datadog Security Labs.

“RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on vulnerable systems,” security researchers Matt Muir and Frederic Baguelin said.