My hosted server is going unresponsive

I have hosted the server on on my could

upon inspecting i found CPU usage is 100%

and I found that rsync is running continosly

I think this has been started through the corn (not sure though)

I would like to know what are this cornjobs are for ?

Alright, everyone, I’ve learned a valuable lesson the hard way.

I made a mistake that I now realize was quite foolish. I had set the password for the “frappe” user as “frappe123” . Unfortunately, this oversight led to a security breach, and my system was compromised by a hacker.

To rectify the situation, I followed the steps outlined in the following guide: https://nitifilter.com/en/ive-been-hacked/.

Additionally, it’s important to note that you should also install an xmrig detector and remove any suspicious components. Here are the commands to do so:

ps aux | grep xmrig
killall -9 xmrig
rm -rf c3pool

For further details on the threat and how to mitigate it, refer to this informative article: https://yoroi.company/en/research/outlaw-is-back-a-new-crypto-botnet-targets-european-organizations/.

Let’s all learn from this experience and ensure we prioritize security measures to protect our systems in the future.

1 Like