Zombie
Overview
A zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus, or Trojan horse program and can be used to perform malicious tasks of one sort or another under remote direction. Attackers send commands to "zombies" through control channels and order them to send forged or junk packets to targets. As a result, the targets fail to respond and deny normal services. This is a common DDoS attack. Now, as virtual currencies, such as Bitcoins, grow in value, attackers start using zombies to mine Bitcoins.
Suggestion
When a zombie threat is detected, the ECS instance is detected to have mining behavior (for example, accessing the address of the mining pool), or initiate DDoS attacks or brute force attacks, the ECS instance may have been implanted with mining Trojan horses or backdoor programs and may become a botnet. The severity of this type of threat is High. Therefore, you are advised to perform the following operations:
- Scan for and remove viruses and Trojan horses on the ECS instance. If the scanning and removal fail, disable the instance.
- Check whether other hosts on the subnet where the instance resides are intruded.
- Purchase HSS.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot