It wasn't too serious, it didn't really break containment that much...I was noticing that the qBittorrent app in my TrueNAS is constantly sitting at elevated CPU usage even though it was idle, but restarting it was usually enough for it to go back to zero. But it would come back later...Well, today, while writing another article about the homelab, I noticed high CPU usage on the TrueNAS VM. This time I've opened the console of the TrueNAS itself, and ran htop. Immediately I saw a bunch of suspicious processes running with elevated CPU load. The owner was app, which means a truenas App, which is basically a pre-configure docker container. I've stopped the qBittorrent app and those processes went away. It was running a Monero Crypto-Miner via c3pool.com (which does not offer any abuse contacts, btw).So, how did it get there? It wasn't a compromised container, but rather my own stupidity (and lack of network partitioning). You see, at some point in time the password was bypassed for…
No comments yet. Log in to reply on the Fediverse. Comments will appear here.