-
Notifications
You must be signed in to change notification settings - Fork 226
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pinpoint-flink runs malware called kinsing #128
Comments
Have you exposed your containers to external networks? https://flink.apache.org/security.html
|
I just executed docker-compose pull & docker-compose up -d. Is there any config I have to set? As I know, docker will change firewall tables when container's port is exposed. |
I think your server has already been hacked. Read the article below. |
We had thought of that and we watched our all processes all the time after killing pinpoint-flink. It reveals soon that our host server is not infected. |
version: 2.3.3
User 9999 I never created runs flink process.
kdevtmpfsi / kinsing process called mine malware are ran by this user.
this process doesn't show up immediately. it needs at least 1~2 days to show up.
If you kill flink containers by command "docker kill pinpoint-flink-jobmanager / pinpoint-flink-taskmanager" then malware will go away.
The text was updated successfully, but these errors were encountered: