How did I removed watchbog virus ?
Added to hosts file
$nano /etc/hosts
127.0.0.1 pastebin.com
127.0.0.1 semrush.com
Killed the watchbog process
check using pid with top command
$kill 1800
The kill and remove the virus from is location
$kill 11896 && rm -Rf /tmp/systemd-private-afjdhdicjijo473skiosoohxiskl573q-systemd-timesyncc.service-g1g5qf/cred/fghhhh/data
Also add this rm command to crontab -e for every second
This guide has helped me
https://www.alibabacloud.com/blog/return-of-watchbog-exploiting-jenkins-cve-2018-1000861_594798
