-
sech1The stripe miner partially restored their operation
-
sech1they seem to be using supportxmr only this time, judging by the chart at miningpoolstats.stream/monero
-
selstasech1: any idea here? monero-project/monero #9356
-
selstahave you seen such reports before?
-
moneromoooIf the address is unknown, then pwned (or misconfigured RPC access). If it were known, it could be the background mining, if creating a wallet and saying "yes" without thinking.
-
selstait starts mining with 16 threads which I assume wouldn't be background mining
-
moneromoooI will add a comment.
-
sech1His command line doesn't enable public RPC
-
sech1So it must be something on his PC
-
selstamoneromooo: they got a log from the rpc call but netstat doesn't find anything on that port
-
moneromoooty, replied
-
sech1can't they just run wireshark or something, and log all connections to port 18081?
-
selstadoes wireshark show process id?
-
sech1no idea
-
sech1I know that lsof can give you process id for each open connection
-
sech1netstat too