Recently, someone reached out to us about a malicious process they had discovered running on their web server. This process was maxing out the CPU, which is not unusual when a cryptominer process is running without any throttling.
Below is an example of what this kind of process looks like when using the ps -aux command:
Malicious Processes on Web Servers
So, what creates this malicious process in the first place?