|
|
|
|
|
|
by brasetvik
1133 days ago
|
|
|
Reading that thread it doesn't seem like the official image shipped with any cryptominer at any point, and that it's more likely that the container got compromised in other ways. (A compromised [superuser connection to Postgres can execute shell code](https://medium.com/r3d-buck3t/command-execution-with-postgre...), so that seems more likely than the image shipping with a miner) |
|
|
It looks like the miner was installed because the Postgres port got exposed with a weak password.