#perfctl — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #perfctl, aggregated by home.social.
-
While trying to migrate some self-hosted apps to a new empty VPS yesterday, I noticed an unusually high load, issues during upgrade (initramfs scripts broke one by one because of missing libs) and a lot of network traffic with no actual services running.
I set up the server some days ago and installed a Portainer agent, but didn't configure it yet. Seems this is an ideal entry point for the #perfctl/#perfcc malware and a rootkit to use the server for CryptoJacking and ProxyJacking. The #Portainer agent waits for an initial connection from the Portainer server (and does so after every restart) - but if the attacker comes first, he wins. 🙄
Long story short: I reinstalled the server from scratch, use the Portainer Edge agent from now on (which reverses the communication direction) and have an even closer look at my monitoring.
More info about the attack vector can be found here:
https://blog.exatrack.com/Perfctl-using-portainer-and-new-persistences/ -
Perfctl malware strikes again as crypto-crooks target Docker Remote API servers – Source: go.theregister.com https://ciso2ciso.com/perfctl-malware-strikes-again-as-crypto-crooks-target-docker-remote-api-servers-source-go-theregister-com/ #rssfeedpostgeneratorecho #TheRegisterSecurity #CyberSecurityNews #TheRegister #Perfctl
-
Things worth worrying about: #Perfctl, the #malware that has been operating hidden on thousands of #Linux servers since 2021
-
#Linux :tux: #Malware "#Perfctl" has apparently been infecting Linux servers for years | heise online https://www.heise.de/news/Perfectl-Linux-Malware-laesst-Server-heimlich-Kryptomining-und-mehr-ausfuehren-9963118.html #CryptoMiner #cryptocurrencies #cryptocurrency #Proxy #Loader
-
Linux malware "Perfectl" has apparently been infecting Linux servers for years | heise online
https://heise.de/-9963118 #Cybercrime #Linux #LinuxServer #Malware #Perfctl -
Stealthy Malware Has Infected Thousands of Linux Systems for Years | WIRED
Link
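📌 Summary:
Researchers recently reported that, since 2021, thousands of Linux machines have been infected by a piece of malware called Perfctl. The malware exploits more than 20,000 common misconfigurations and can exploit a patched Apache RocketMQ vulnerability (CVE-2023-33426). Perfctl's main characteristic is that it steals CPU resources for cryptocurrency mining and hides its own presence to ensure persistence and to carry out various malicious activities, including acting as a proxy server to facilitate data operations by third parties. The researchers stress that this malware is very difficult to detect and remove, causing great trouble for users.
🎯 Key Points:
- Perfctl malware: circulating on Linux systems since 2021, infecting them through misconfigurations and vulnerabilities.
- Resource harvesting: Perfctl steals CPU resources for cryptocurrency mining and can turn the machine into a proxy server to earn a profit.
- Hiding techniques: the software uses rootkit techniques and obfuscated names to avoid detection, and can persist permanently on the system.
- Persistence as a feature: it stays active by modifying user login scripts, copying itself in memory, and similar methods.
- Potential infection: research estimates that millions of machines worldwide may be at potential risk from this malware.
🔖 Keywords:
#Perfctl #惡意軟體 #Linux #加密貨幣 #資安 -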
Stealthy Malware Has Infected Thousands of Linux Systems for Years https://www.wired.com/story/perfctl-stealthy-malware-infected-linux-systems/ #Security/CyberattacksandHacks #Security #perfctl
-
Undetected malware infects thousands of Linux systems https://www.trendingtech.news/trending-news/2024/10/40891/onopgemerkte-malware-infecteert-duizenden-linux-systemen #malware #Linux #cybersecurity #Perfctl #rootkit #Trending #News #Nieuws
-
Stealthy Malware Has Infected Thousands of Linux Systems for Years - Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of m... - https://www.wired.com/story/perfctl-stealthy-malware-infected-linux-systems/ #security/cyberattacksandhacks #security #perfctl
-
New Linux Malware 'Perfctl' Targets Millions by Mimicking System Files
https://hackread.com/linux-malware-perfctl-hit-millions-mimick-system-files/ #Cybercrime #Linux #Malware #Perfctl -
#Perfctl, a tenacious #Linux #malware
https://next.ink/152853/perfctl-un-malware-linux-tenace/
> Yesterday evening, researchers at Aqua Security published a detailed article on the Perfctl malware. In it, they warn users about its capabilities, which combine great stealth with tenacious persistence...