• senorblackbean@lemmy.world
    link
    fedilink
    arrow-up
    25
    ·
    1 year ago

    My guess:

    spoiler

    An attacker exploited a SQL injection or buffer overflow flaw in Apache+PHP+MySQL (which they have no idea about), installed a Java based coin miner (gross, I know), and deleted /var/log to cover up their tracks. But it was Col. Kernel that killed MySQL for using up too much memory. Ruby is just there because of some obscure distro dependency nobody uses.