被黑客种下恶意程序的排除案例
top -c 查到cpu的占用率最高的进程
Tasks: 161 total, 2 running, 157 sleeping, 0 stopped, 2 zombie Cpu(s): 98.2%us, 1.8%sy, 0.0%ni, 0.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 3921112k total, 2629276k used, 1291836k free, 48604k buffers Swap: 0k total, 0k used, 0k free, 92848k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 31095 root 20 0 381m 7652 1088 S 191 0.2 5021:33 ./minerd -B -a cryptonight -o stratum+tcp://xmr.crypto-pool 12994 root 20 0 381m 7432 1012 S 30 0.2 0:00.91 /usr/sbin/tplink -B -a cryptonight -o stratum+tcp://xmr.cry
# find / -name minerd /opt/minerd /home/minerd
# file minerd minerd: ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.32, stripped
取消这些命令的可执行权限,然后kill -9 掉
# locate minerd /home/minerd /opt/minerd /usr/local/etc/minerd.conf # cat /usr/local/etc/minerd.conf -B -a cryptonight -o stratum+tcp://xmr.crypto-pool.fr:8080 -u 4Ab9s1RRpueZN2XxTM3vDWEHcmsMoEMW3YYsbGUwQSrNDfgMKVV8GAofToNfyiBwocDYzwY5pjpsMB7MY8v4tkDU71oWpDC -p x
联系方式QQ:326528263 EMAIL:clnking@163.com 网名:bass 分享技术 突破难点 创新思维