Malicious cryptominer process using 100% CPU related to docker container running OpenVidu

Earlier today I realised my CPU was 100% used by a strange process, which after some research I found is related to crypto-mining. It seems the issue is related to the OpenVidu Docker image containing the Redis database image - the issue being the port of the Redis DB made accessible to the internet. The details are in the two links provided.

Could this be prevented by setting the port of the Docker image of the Redis DB to be closed by default, and hence not exposed to the internet? I am aware that all unused ports should be closed by server admins; however, not everyone is a server admin and not everyone remembers to do so.
Thanks in advance.

Yes, this bug has already been reported in OpenVidu, so they will solve it in the 2.15.0 release. Stay tuned for the new release.

If you only open the recommended ports, it shouldn’t happen.

In 2.15 (to be released this week) the Redis DB will be secured with a password to strengthen security.

Excellent, keep up the good work! :+1:

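Added example, not part of the thread and not OpenVidu's own code: a small check a host owner can run over `docker ps` output to spot a Redis container port published on a non-loopback address, the condition discussed above. The container names and sample output are constructed, and the Redis default port 6379 is an assumption, since the thread does not name the port.

```python
import re

REDIS_PORT = 6379  # Redis default port; assumption, the thread does not name the port
LOOPBACK = {"127.0.0.1", "::1", "localhost"}

# One published mapping in the Ports column: "<host_ip>:<host_port>-><container_port>/<proto>"
MAPPING = re.compile(r"^(?P<ip>.+):(?P<hport>\d+)->(?P<cport>\d+)/(?P<proto>\w+)$")

# Constructed sample of `docker ps --format '{{.Names}}\t{{.Ports}}'` output.
SAMPLE = """\
openvidu-redis-1\t0.0.0.0:6379->6379/tcp, :::6379->6379/tcp
openvidu-server-1\t0.0.0.0:443->443/tcp
cache-local\t127.0.0.1:6380->6379/tcp
cache-internal\t6379/tcp
"""

def exposed_redis(ps_output, port=REDIS_PORT):
    """Return (container, host_ip, host_port) for each mapping that publishes
    the Redis container port on a non-loopback host address."""
    findings = []
    for line in ps_output.splitlines():
        if "\t" not in line:
            continue
        name, ports = line.split("\t", 1)
        for entry in filter(None, (p.strip() for p in ports.split(","))):
            m = MAPPING.match(entry)
            if not m:  # e.g. "6379/tcp": visible to other containers only, not published
                continue
            ip = m["ip"].strip("[]")  # newer Docker prints IPv6 wildcard as [::]
            if int(m["cport"]) == port and ip not in LOOPBACK:
                findings.append((name, ip, int(m["hport"])))
    return findings

if __name__ == "__main__":
    for name, ip, hport in exposed_redis(SAMPLE):
        print(f"{name}: Redis published on {ip}:{hport}; "
              "bind it to 127.0.0.1 or remove the port mapping")
```

A mapping remapped to another host port (for example 16379 to 6379) is still flagged, because the check keys on the container-side port.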