The GetPageSpeed repo has been hacked. Anyone with the repo installed will have malicious code installed on their box by yum update
, including the file /etc/cron.d/sysstat2
. I've notified GetPageSpeed, but it is 1am their time.
How do I warn people about this repo? Is there some way to warn anyone with the file /etc/cron.d/sysstat2
on their system that they have been compromised?
Specifics at CentOS 7 hacked and How did installing this RPM create a file?
As of 6/25/19, the malicious packages have been removed from the repo and new ones published that remove the cron job they installed.