search

magnussolution / magnusbilling7

MagnusBilling is a fast, secure, efficient, high availability, VOIP Billing.
https://www.magnusbilling.org
GNU Lesser General Public License v3.0
180 stars 108 forks source link

mbilling --config=mbilling.conf service is taking high CPU around 875% #683

Open uzair329 opened 2 weeks ago

uzair329 commented 2 weeks ago

This service is taking so much CPU and stuck all our 4 magnus servers which are located at different location and at different vendors as well . What is this issue and why they are consuming high cpu .We have restart the server but it is still not solving we have version of magnus 7.8.4.5

PID USER PRI NI VIRT RES SHR S CPU% MEM% TIME+ Command 116130 root 10 -10 2406M 3632 1440 S 875. 0.0 3h56:05 mbilling --config=mbilling.conf

uzair329 commented 2 weeks ago

We have updated the magnus as well now to latest 7.8.4.7. Restart the server but still in all four servers situation is same what is this bug ?

yurikurka commented 2 weeks ago

Check if you have a virus or crypto miner, use clamav... to check.

Em sex., 11 de out. de 2024 às 20:54, uzair329 @.***> escreveu:

We have updated the magnus as well now to latest 7.8.4.7. Restart the server but still in all four servers situation is same what is this bug ?

— Reply to this email directly, view it on GitHub https://github.com/magnussolution/magnusbilling7/issues/683#issuecomment-2408247276, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGZ7W5ARTYR3OLYFMEXFJ5LZ3BQKNAVCNFSM6AAAAABPZYNA7OVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMBYGI2DOMRXGY . You are receiving this because you are subscribed to this thread.Message ID: @.***>

alek10c commented 5 days ago

The same thing happens for me on three servers that I have

image

image

ccabrerar commented 5 days ago

Magnus doesn't have an executable like that. The main AGI has a .php extension, so I'm pretty sure you were hacked and they installed a crypto miner into your server.

williamfjm commented 5 days ago

I have had the same problem since February 2023, magnusbilling has some type of vulnerability that allows a malicious client to install executables generally in lib and tmp within magnusbilling, my solution was to look for the ips to which the software reports. but I am not clear about the method by which install it, check the permissions that the magnus folder has, restrict them. . I hope this is a reason for investigation by the community since it is something serious. Although I consider that magnusbilling is heading towards being abandonware :(