search

SeleniumHQ / docker-selenium

Provides a simple way to run Selenium Grid with Chrome, Firefox, and Edge using Docker, making it easier to perform browser automation
http://www.selenium.dev/docker-selenium/
Other
7.92k stars 2.51k forks source link

[🐛 Bug]: Malware in last bulds #2414

Open diamondevilteam opened 4 hours ago

diamondevilteam commented 4 hours ago

What happened?

Malware in last bulds

Command used to start Selenium Grid with Docker (or Kubernetes)

version: "3"
services:
  chrome:
    image: selenium/node-chrome:4.25.0-20240922
    shm_size: 2gb
    depends_on:
      - selenium-hub
    environment:
      - SE_EVENT_BUS_HOST=selenium-hub
      - SE_EVENT_BUS_PUBLISH_PORT=4442
      - SE_EVENT_BUS_SUBSCRIBE_PORT=4443
      - SE_NODE_MAX_SESSIONS=100000
      - SE_NODE_OVERRIDE_MAX_SESSIONS=true
      - SE_NODE_SESSION_TIMEOUT=999999999
      - SE_SESSION_REQUEST_TIMEOUT=170

  selenium-hub:
    image: selenium/hub:4.25.0-20240922
    container_name: selenium-hub
    ports:
      - "4442:4442"
      - "4443:4443"
      - "4444:4444"

Relevant log output

I already wrote to you that you have had a malicious program in the assembly for a long time. This is a miner that rises hidden and loads the server. Malicious files do not appear immediately. Then they start loading the server perfctl. It's built into the new builds!

/var/lib/docker/overlay2/41a1a0e4b67934f078c1271b8b08cf9e8092476bfc8066fbde28fa6c4db48270/merged/tmp/.perf.c/xvfb-run
https://www.virustotal.com/gui/file/22e4a57ac560ebe1eff8957906589f4dd5934ee555ebcc0f7ba613b07fad2c13

/var/lib/docker/overlay2/41a1a0e4b67934f078c1271b8b08cf9e8092476bfc8066fbde28fa6c4db48270/merged/tmp/.perf.c/perfctl
https://www.virustotal.com/gui/file/e16fb2a22fce5241565784b5a8518ed2becc9948d4c398093edbb70a946f9331

Operating System

Ubuntu

Docker Selenium version (image tag)

4.25.0-20240922

Selenium Grid chart version (chart version)

No response

github-actions[bot] commented 4 hours ago

@diamondevilteam, thank you for creating this issue. We will troubleshoot it as soon as we can.

Info for maintainers

Triage this issue by using labels.

If information is missing, add a helpful comment and then I-issue-template label.

If the issue is a question, add the I-question label.

If the issue is valid but there is no time to troubleshoot it, consider adding the help wanted label.

If the issue requires changes or fixes from an external project (e.g., ChromeDriver, GeckoDriver, MSEdgeDriver, W3C), add the applicable G-* label, and it will provide the correct link and auto-close the issue.

After troubleshooting the issue, please add the R-awaiting answer label.

Thank you!