[08:39] <MattJ> morning
[08:45] <luna> morning
[08:49] <zxm-pi_> allo allo
[09:00] <MattJ> Ok... I've been receiving frequent automated email alerts about someone's server that I help maintain some services on. The alerts have been happening for a couple of months, but within a minute or so of the alert I get another "resolved" one
[09:00] <MattJ> I've been working on other stuff, so I ignored them (for too long). Finally I contacted the server owner and asked if they knew what was going on
[09:01] <MattJ> They said no, but they'd be happy if I could look into it
[09:02] <MattJ> I log in, and there's a cryptocurrency minor using 1150% CPU
[09:02] <MattJ> *miner
[09:03] <MattJ> Assuming the machine had been compromised, I told them... but yes, they installed it themselves, and yes, it coincided with the alerts starting
[09:06] <zxm-pi_> did you remove it or leave it?
[09:09] <MattJ> Left it, it's their server :)
[09:09] <MattJ> But now I can send the alerts to /dev/null with a clear conscience
[09:17] <zxm-pi_> and an email saying this in case some other behaviour tries to send similar alerts?
[09:51] <daftykins> morn
[09:51] <daftykins> cor crypto eh, nasty