Mining power shell
a new customer recently consulted with sine security company, saying that his server often fails to open the website of the card, and the remote connection to the server is extremely slow. Sometimes the Ping value reaches 300-500, and he often switches. After listening to the customer's words,
will generally judge that he has been attacked by CC + DDoS mixed traffic, It's strange to say that there is no traffic attack on the computer room. It's not a traffic attack, but it also causes the server card and website to fail to open. What kind of attack is this? In order to solve the problem of
client server card, we immediately arranged a security engineer to carry out security detection and deployment on his Linux server
{rrrrrrr}
mining Trojan horse is also designed. If the mining process is forced to stop by customers, it will automatically start to continue mining to achieve uninterrupted mining.
careful inspection shows that it is through setting the hourly task plan, remotely downloading shell mining Trojan horse, and then executing, Check whether the current process exists or not. If not, start the Trojan horse to mine
a detailed security inspection was carried out on the client's Linux server. It was found that fortunately, there was no encrypted server data, and the worm was infected with the disease through the security detection and analysis of our security engineers, we found that the server uses Apache Tomcat environment, the open architecture of the platform is JSP + Oracle database, and Apache Tomcat uses the version of 2016, which leads to the serious remote command execution vulnerability of Apache, Through this vulnerability, the intruder can directly invade the server and get the administrator permission of the server,
virus. If the data was encrypted, the loss would be great. The client was a platform, and the client's data was very important. After finding out the mining Trojan horse,
do customers need to know how the server is attacked? Was the Trojan horse uploaded? It can prevent the attack
in the later stage
sine security engineer immediately repairs the Apache vulnerability and clears the Trojan horse. So far, the problem has been solved, the client server
runs stably, and the network station opens normally
2, check the driver, whether compatible, here you can choose to directly unload the driver, go to the official website to check your graphics card, to download the corresponding driver will be much better, I used 360 driver master, install the driver, actually not compatible, all kinds of restart blue screen
3. Use the DX repair tool to repair it
4. I don't think you should make such a low-level mistake, that is to plug the display interface into the motherboard instead of the graphics card...
Is a download will be automatically implanted in the computer malicious mining Trojan horse and modify the user DNS configuration, forced to insert advertising Trojan horse tool. Downloading is not recommended
start the script to execute the request URL regularly. The Trojan writer only needs to set the URL to be downloadable, and the user will be attracted
take chestnut as an example, smart contract technology is used in the concentric mutual aid platform of blockchain. One of the representative points is that
rules are executed efficiently
all fund transfers are executed in accordance with open and tamperable smart contracts. Once determined, they can be executed accurately, no one can intervene, and no legal person can misappropriate or intervene, which improves the efficiency of rule execution, In other words, once a member of the plan applies for mutual assistance, the platform will pass the relevant review and publicity, and the blockchain smart contract of the platform will send a dection instruction to the bank, and then the bank will dect money from each member's account and directly give it to the account number of the aided person. The efficiency is very high.