Weird process taking up 60% to 80% of my cpu

January 19, 2018 585 views
Server Optimization Ubuntu

Today I have noticed a process named zztznnmhux that has been using 70%+ cpu for the past few hours and my bandwidth usage is around 300 MB’s per second. Yesterday there was another process the had a different name doing the same thing as zztznnmhux. The only thing I have running on my server only uses around 2% to 8% cpu with some split second spikes to 20% to 30% cpu. Thanks for any help. (The tag dosnt have much to do with this btw, just the closest I could find)

Edit: I received a email from digital ocean stating that they detected a outgoing ddos attack and that my applets network has been disabled, this is not true, I have not sent any ddos attacks. On the stats page my network usage does make it look like I am sending a ddos attack but I can say that I am not.

1 comment
1 Answer

I agree with @ForYourIT that this likely indicates that your droplet has been compromised. This name does not match anything on all of google so it is likely an automatically generated process name. The only common reason to use an auto-generated name for system processes is to hide what they really are. While you can work to clean your server your best course of action may be to create a clean server and migrate your content over (checking it for anything unusual).

Have another answer? Share your knowledge.