Bug: Kinsing malware when deploying via Open Horizon

[oshadmon]

Describe the bug.

When deploying OH, we’re noticing a malware issue caused by PostgreSQL running via Docker.

Describe the steps to reproduce the behavior.

Steps:

1. Set ~/.bashrc

export MONGO_IMAGE_TAG=4.0.6
export CSS_IMAGE_TAG=1.10.1-1577
export HZN_LISTEN_IP=132.177.125.232 # <-- use your IP address, not this one

2. Install a local deployment of Open Horizon

curl -sSL https://raw.githubusercontent.com/open-horizon/devops/master/mgmt-hub/deploy-mgmt-hub.sh | bash

3. update ~/.bashrc with values generated in the install — HZN_ORG_ID, HZN_EXCHANGE_USER_AUTH

4. Wait

Expected behavior.

Expect: Nothing happens
Actual: Within 12-24 hours CPU utilization reaches 100% due to Kinsing malware.

Screenshots.

No response

Operating Environment

My machine is deployed via Linode -- Operating System: Ubuntu 22.04 | CPU: 2 core | RAM: 4GB | Storage: 80GB

Additional Information

This is a known issue with Postgres, and I'm seeing it repeatable/consistently with OH - no matter the version I use of Postgres (I’v tried 13, 14 and 16).

I’ve had this issue happen to me before with these machines, and the solution I found best was to physically install PostgresSQL locally. I tried to do the same with OH, but the deployment script seems to uncomment any PostgresSQL configurations I set.

[oshadmon]

As an FYI, I've also emailed this issue to the security group