we are in the same situation. Early morning today found one host with a high cpu... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		alexginzburg on Nov 28, 2016 \| parent \| context \| favorite \| on: Help:We Found a Bitcoin Mining Prog / Email Server... we are in the same situation. Early morning today found one host with a high cpu usage. Turned out it was running `./yam` process as a `redis` user. I shut the host down for now. Before shutting it down I did a strace and saw json stream clearly stating that it is a monero app. Looks like the cpu spiked about 12 hours ago. We do have redis on a host but it should be behind the iptables rules. Other hosts look ok.

gopi_ar on Nov 29, 2016 [–]

We were able to get in touch with the hacker and he told us he was just mining and not stealing stuff. We're still cleaning the whole system; might even pay him/her a bounty for this though.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact