for a while a find process xmrig1 to randomxmonero.auto.nicehash.com.
a try to uninstall it without success…
after a while i find a command in history downloding the app directly.
nothing in crontab…
as the commande seems to downlodad the program in the same directory where it is executed, i searsh in all the folder, to finaly find a script name m.sh which contain the famous command.
to downld the crypto miner program.
So please could ask to the person who maintain the container to modify it?
Are you claiming we purposely put xmrig within the container?
hello,
i don’t, i’m not enought aware about dockerisation to fully understand how it works to claim such a thing.
i just wanted to warn what happen when i restart my container with -d option after a while the scrit run and download xmrig1.
it is probably causing from somthing else but i don’t have the knowlege and the backgroud to identify the malfonction in the container.
sincerly
The likely reason why your container has xmrig within it, is due to being exposed to the internet without any security so someone freely logged in and ran the script within it.