malware identification found on ubuntu server

Published: 8/11/2019
malware identification found on ubuntu server
Source: UNIX.STACKEXCHANGE.COM

I discovered a script running on my server. Reading through apache log files, attacker used cms login vulnerability and downloaded script from this site http://217.61.107.9/wes . Can anybody identify what does it do? After hitting htop I could see: sh -c chmod 777 sysd && ./sysd -c 2.cf which is now gone ang all I can see is remaining process ./sysd -c apache.cf -t 1 This I can not find on

Read more
Related news
Comment
FACEBOOK