Issue after GNU parallel **IMP**

[rachit0412]

HI Team

 

We are stuck in middle of a hacking issue, which have been raised after I installed GNU parallel on one of our servers using below command.

 

(wget -O - pi.dk/3 || curl pi.dk/3/ || fetch -o - http://pi.dk/3) | bash

 

I was using below link for personal learning as well.

https://www.gnu.org/software/parallel/parallel_tutorial.html

 

Now I want to know can something like this happen?

 

We are getting emails where an attempt has been made on a server location in brazil using our server details.

We are planning to uninstall or rollback to last snapshot but I would like to know your views on the issue!!

 

It is important and urgent.

 

I have not send the version number or any other details because we do not want to run anything associated with Parallel.

 

Messages from our syslog
========================================================================
Jan 31 01:44:04 xxxxx time=01:41:24 devname=FGxxxx  devid=xxxx logid=xx type=traffic subtype=forward level=notice vd=root srcip=xxxx srcport=xxxx srcintf="xxx" dstip=xxx dstport=xx dstintf="xx" poluuid=xxx sessionid=xx proto=xx action="" policyid=xx dstcountry="xx" srccountry="xx" trandisp=xx service="SSH" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 appcat="unscanned" crscore=xx craction=xx crlevel=high

 

(unfortunately, I cannot share any details)

 

Br,
Rachit