A new wave of cryptojacking attacks targeting Linux systems has emerged, exploiting Redis configuration commands to deploy Monero (XMR) mining malware. This campaign, dubbed RedisRaider, silently hijacks vulnerable Linux servers by abusing Redis and Docker APIs to build extensive cryptojacking networks. The malware uses Go-based tools to deploy XMRig miners, while other variants leverage Dero miners to expand their reach through containerized environments. Cybersecurity experts have highlighted the increasing sophistication of these attacks and the use of cryptojacking as a service to compromise cloud and server infrastructures.