Docker infection?


Recommended Posts

Yesterday I noticed my cpu was maxed out and found a docker that I had not added was running. "zealous_wu".  I stopped and removed it and everything returned to normal.  this morning i have another docker that appeared 2 hours ago called "fervent_roentgen".

Is my system infected and what should I do?

Link to comment
2 minutes ago, sparklyballs said:

Docker containers are titled with an adjective followed by a scientist by default if they are unnamed locally.

I know docker created those names. We suspect someone has hacked the user and created a docker on their machine, likely crypto mining or some such. Other cases of that and even worse happening to new users lately, hence the link Squid posted above.

Link to comment
12 minutes ago, trurl said:

I know docker created those names. We suspect someone has hacked the user and created a docker on their machine, likely crypto mining or some such. Other cases of that and even worse happening to new users lately, hence the link Squid posted above.

 

Need to run

Quote

docker ps -a

 

to get the image name that the container is using and find out where the image is coming from and what it is.

Edited by sparklyballs
code block
  • Thanks 1
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.