Hackers Compromise NGINX Servers to Redirect User Traffic

Malicious actors are compromising NGINX servers as part of a campaign aimed at hijacking user traffic and redirecting it through the attackers' backend infrastructure. This operation allows the hackers to take control of the data flow passing through the compromised servers and route it according to their objectives. The targeted NGINX servers are used as relay points to intercept and redirect legitimate user connections to systems controlled by the attackers.