Skip to main content

Perl Hacked

Comments

9 comments

  • keat63
    I see messages similar to this frequently, and it's usually after some update or another. I get the impression that when a program is running in memory, and an update is performed, the updated file cannot launch because the old one is still running in memory. Usually restarting the particular service will fix this. Check your logs to see if Perl has been updated at all. Var/log/yum.log Maybe Apache is the service to restart ??
    0
  • Infopro
    /usr/bin/perl -I/usr/local/bandmin\r 22.pl

    I suggest you hire a security expert right away if you're unsure of the path forward. You are in trouble.
    0
  • Michel Alshaer
    I suggest you hire a security expert right away if you're unsure of the path forward. You are in trouble.

    how can i delete this file ?
    0
  • Infopro
    I'm unable to assist you with this and is why I suggested you hire someone. For all we know your entire server is compromised, deleting that one file is most likely, not enough.
    0
  • Michel Alshaer
    I'm unable to assist you with this and is why I suggested you hire someone. For all we know your entire server is compromised, deleting that one file is most likely, not enough.

    any security experts suggestions ?
    0
  • Infopro
    You might want to contact your Hosting Provider for suggestions.
    0
  • Michel Alshaer
    I see messages similar to this frequently, and it's usually after some update or another. I get the impression that when a program is running in memory, and an update is performed, the updated file cannot launch because the old one is still running in memory. Usually restarting the particular service will fix this. Check your logs to see if Perl has been updated at all. Var/log/yum.log Maybe Apache is the service to restart ??

    i did this and till now i didn't receive any of that emails
    0
  • Infopro
    The message you quote from keat63 is of no use to you in this situation. That file on your server is not from a perl upgrade, it's a perl hacking script. Your server is compromised and that script has been running for over 22 hours. Stop wasting time posting here, go find a security expert.
    0
  • Michel Alshaer
    The message you quote from keat63 is of no use to you in this situation. That file on your server is not from a perl upgrade, it's a perl hacking script. Your server is compromised and that script has been running for over 22 hours. Stop wasting time posting here, go find a security expert.

    THANK YOU I WILL NOW
    0

Please sign in to leave a comment.