Process with weird random name consuming significant network and CPU resources. Is someone hacking me?

eyshcjdmzg is a Linux DDoS trojan (easily found through a Google search). You've likely been hacked.

Take that server off-line now. It's not yours any longer.

Please read the following ServerFault Q/A carefully: How to deal with a compromised server.

Note that depending on who you are and where you are, you may additionally be legally obliged to report this incident to authorities. This is the case if you are working at a government agency in Sweden (e.g. a university), for example.

How can I kill minerd malware on an AWS EC2 instance? (compromised server)
Need help understanding suspicious SSH commands

Yes. A google search for eyshcjdmzg indicates that your server has been compromised.

See How do I deal with a compromised server? for what to do about that (in short, wipe the system and re-install from scratch - you can't trust anything on it. I hope you have backups of important data and config files)

Process with weird random name consuming significant network and CPU resources. Is someone hacking me?

Tags:

Process

Centos

Systemd

Related

Recent Posts