Trojan Horses Detected
Hello,
I received this mail from my server:
Hidden Pid detected! [pid 27730]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/share/locale/en/.rockmeamadeus/sk]
I deleted the directory .rockmeamadeus but I do not know if my system was compromised. What should I do?
Thanks for your help !
cPanel.net Support Ticket Number:
You should have kept a copy of the binary/source to see what was inside. You should also look in your tmp directory for any rogue files.
Since crackers usually install additional backdoors, change system binaries, etc. You should consider a format & reinstall on that machine and then lock it down correctly.
cPanel.net Support Ticket Number:
LinkBack URL
About LinkBacks
Reply With Quote