本帖最后由 misakafa 于 2024-10-31 17:04 编辑
- The update that patches this exploit was released on 23rd October, version 2.3.8 or later.
-
- How to update?
-
- If you are currently using a version older than 2.3.8 then please update IMMEDIATELY using the usual update command in SSH:
-
- sh <(curl https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh || wget -O – https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh)
-
- How can I tell if I’m already infected?
-
- Signs that you may have been infected already are constant high CPU usage (such as 100%) and higher than normal disk space utilisation. Another key indication is if you see files such as "read-me3.txt" in the /root directory – this is a sign that all files have been encrypted, you’ll see the ‘L0CK3D" suffix on most files if that is the case. If encryption has taken place then a reboot will likely result in booting to an "emergency" mode since the OS cannot read critical system files required for fully booting up.
-
- If you are seeing signs that you are infected then the only fix will be to reinstall your OS and restore from any external backups you have previously made.
复制代码
翻译
- 修补此漏洞的更新于 10 月 23 日发布,版本 2.3.8 或更高版本。
-
- 如何更新?
-
- 如果您当前使用的版本低于 2.3.8,请立即使用 SSH 中通常的 update 命令进行更新:
-
- sh <(curl https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh || wget -O – https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh)
-
- 如何判断我是否已经感染?
-
- 您可能已经被感染的迹象是 CPU 使用率持续较高(例如 100%)和高于正常磁盘空间利用率。另一个关键指示是,如果您在 /root 目录中看到诸如“read-me3.txt”之类的文件 – 这表明所有文件都已加密,如果是这种情况,您会在大多数文件上看到“L0CK3D”后缀。如果已进行加密,则重新启动可能会导致启动到 “紧急” 模式,因为操作系统无法读取完全启动所需的关键系统文件。
-
- 如果您看到您被感染的迹象,那么唯一的解决方法是重新安装您的操作系统并从您之前所做的任何外部备份中恢复。
复制代码
|
