What is stratum+tcp and what to do with it?

O

Oleg Gamega2017-04-15 13:01:22

PostgreSQL

Oleg Gamega, 2017-04-15 13:01:22

Hello.
The server began to issue a constant 100% cpu load, found in the stratum + tcp processes

in Google they didn’t drum me, and almost all links about stratum are somehow connected with bitcoin, do I understand correctly that someone is mining bitcoin from my server?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

V

Valentin, 2017-04-15
@vvpoloskin

Well, judging by the /tmp/logn process, there is definitely some kind of virus there. And it’s also dumb to keep postgres and muscle on the same vm

K

Konstantin Stepanov, 2017-04-15
@koronabora

The miner settled on the server. Find the place from where it starts and the startup script. Further - to clean, having killed before it. Close holes through which it could penetrate. Replace all passwords, close all ports as much as possible, it is desirable to organize remote access to the server in general through openvpn (1 openvpn port looks out and that's it). Plus, perhaps there are vulnerabilities under this version of the kernel, then you should upgrade. In general - the hemorrhagic still.