Conversation:
Notices
-
Well, that explains why my processes were dying. #Exim vulnerability let a cryptocurrency miner in. Would never have noticed if the script wasn't over-zealous in identifying processes that may be a threat. Start killing #MySQL and #Apache and people will notice. Going through my system deleting the garbage now. Feel like I can hear HAL singing "Daisy, Daisy…" https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/trojan.sh.mixbash.a
-
Well, that was painful. After playing whack-a-mole with all the redundant processes, executables, /etc/cron* entries, etc., a bash script to stomp on the lot and immediately reboot for good measure saw off the script kiddies in time for #work today.
-
CryptoPonzi changes the risk calculus for a hobby sysadmin. If an attacker's objective is to quietly leech CPU cycles, what better target than a GNU/Linux VPS whose typical virtual CPU usage rounds down to 0% of its allotment? Think I may have to start running `apt-get dist-upgrade` non-interactively via cron.