Hello Team
I had used 3 times in 3 different servers but from each Server I got notice for crypto mining. What is this can someone tell me
Hello @lazybut
Removing the cyrptominer malware is more tedious than reinstalling your server os. Rollback to an earlier snapshot or reinstall in a clean os
I thought you arleady identified the culprit and looking for mitigation ?
what are you saying i was using cyberpanel and i got notice now website hosted on that
how could this possible
Look for posts like yours here. If its mitigation then the only solution is to do a fresh installation on a clean os. If its trying to identify the use htop and look for suspicious activity or processes
i had shared htop snap above please check
You installed but didnt run it . In ssh run htop wait until you see anything like p2pclient, some form of peer to peer client, docker containers you did not create, raven etc
Re-install fresh cyperpanel DO NOT use default password. Also after install change panel default port and create new ssh user with sudo priviliges, then disable root login and ssh password login use only ssh keys.