Anyone hit with xmrig?

I am having repeated issues with xmrig appearing, even thou I think I removed it. Any ideas how to prevent that?

I’ve got xmrig running constantly on my site. He’s using 100% of my CPU. I’ve tried running htop as sudo and killed the pid, but it gets immediately replaced by a new one. I see in my ftp logs that he’s running three different algorithms about every three seconds. He doesn’t show up as a user in my FTP client list, but one of my colleagues traced it back to China using Whois. When I set up the server, I forgot to set disable root login to No and I think that’s how they got in. Short of blowing it up and starting over, I don’t have any good advice for you. I’m a newbie here.

Seems the server may be hack show the output of htop?

Probably nulled theme or plugin if site is your get rid of nulled stuff if not you tell customer look move sites somewhere else.

I used the CyberPanel and was also infected with XMRig

I wonder how you got rid of it

I used the Cyberpanel panel, and the XMRig program appeared

Can you tell me how to clean xmRig once and for all