A while ago I noticed that one of my RPi's was infected with a process
called 'crypto', apparently for mining purposes.
I could see that by running the 'top' command.
The Pi had the Cosmo image on the SD card. Today I tried several times
to re-format and install the Cosmo image again.
Just now I started the Pi with no network attached and the crypto
process was running. I hope I'm wrong, but it looks like it is on the
Cosmo image. Could someone please verify this?
As far as I can see, crypto is a kernel module where all the cryptographic functions are placed.
The COSMO image is based on a fresh Raspbian image where we've installed cosmo repos, compiled csound and a few other modification. Everything is downloaded and installed through either git or apt-get - nothing from insecure location, so I would say Im pretty confident that it's not malware running
On Fri, 11 May 2018 at 08:57, Victor Lazzarini <[hidden email]> wrote:
There is a libcrypto that is used by OpenSSL.
Dean of Arts, Celtic Studies, and Philosophy