My DigitalOcean droplet has been disabled, could everyone help me take a look at this email?

2014-12-17 10:34:52 +08:00
linfox
DigitalOcean seems to be suggesting that I create a new VPS and migrate the data over.
Wouldn't that carry the virus over as well? Are there any better options?


---------

There has been a response to your ticket:

Hello,

How did you determine to stop these services? These are probably unrelated to this issue. We had noted a UDP flood attacking a remote server.

This likely indicates that your Droplet has been compromised and malicious scripts installed to launch this attack. There are a large variety of ways that your server may have been compromised. Popular methods are password brute force attacks (guessing weak passwords) or attacking applications that are out of date (though many other possibilities exist). We can't say for sure what may have happened in this specific instance, and we do not have access to your server to investigate ourselves.

If you are unable to find and remove all of the malicious software, as well as determine how it was installed and secure against future incidents, you would need to create a new server and migrate your content over, being sure to pay attention to security as you're setting things up. Starting from a fresh installation is the only way to ensure that there is no remaining malware or backdoors installed on your existing system. If necessary, we can place your Droplet into a secure recovery environment where you can access your data to copy it off. First, I would recommend trying to create any backups you need if you can from the console, such as dumping the MySQL databases to a file with mysqldump, as these services will not be running in the rescue mode.

Also, we have a few articles that I'd recommend to review to help you track these issues down, as well as secure against future problems.
https://www.digitalocean.com/community/articles/an-introduction-to-securing-your-linux-vps
https://www.digitalocean.com/community/questions/my-droplet-is-locked-by-support-staff-because-because-of-an-outgoing-flood-or-ddos-what-do-i-do

Let us know if you have any further questions.

DigitalOcean Support
4664 views
Node: Q&A
8 replies
mhycy
2014-12-17 10:51:07 +08:00
Change the passwords... and move the data.
Moving only your own site's data and setting the permissions up properly is the quickest approach.
mhycy
2014-12-17 10:51:29 +08:00
Addendum: I suggest changing all of the passwords.
Showfom
2014-12-17 11:29:33 +08:00
It was sending packets outbound.
cattyhouse
2014-12-17 12:40:50 +08:00
Just disable password login in sshd entirely and log in with an RSA key instead. Specifically:
PasswordAuthentication no
PermitEmptyPasswords no
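As an added example (not code from the thread or from any of the posters), here is a small POSIX shell script that applies the two directives above to an sshd_config file and then verifies that they are actually in effect. It works on whatever file path it is given, so it can be tried on a copy first; the sample config embedded in it is constructed for the demonstration and is not anyone's real host file. The script assumes you will run `sshd -t` and reload sshd yourself afterwards, and that no `Match` blocks override the directives.

```shell
#!/bin/sh
# Added example: harden an sshd_config file (disable password and empty-password
# login) and verify the result. Not from the original thread.

# set_sshd_option FILE KEY VALUE
# Rewrites every existing "KEY ..." line (commented out or not) as "KEY VALUE";
# appends the directive if the file does not mention KEY at all. The trailing
# [[:space:]] in the pattern stops "Key" from matching a longer keyword that
# merely starts with the same letters.
set_sshd_option() {
    file=$1; key=$2; value=$3
    tmp=$(mktemp)
    if grep -Eq "^[[:space:]]*#?[[:space:]]*${key}[[:space:]]" "$file"; then
        sed -E "s/^[[:space:]]*#?[[:space:]]*${key}[[:space:]].*/${key} ${value}/" \
            "$file" > "$tmp" && mv "$tmp" "$file"
    else
        rm -f "$tmp"
        printf '%s %s\n' "$key" "$value" >> "$file"
    fi
}

# get_sshd_option FILE KEY
# Prints the effective value: sshd uses the FIRST uncommented occurrence of a
# keyword, so we print the first match. Commented lines do not match because
# their first field is "#Key" rather than "Key".
get_sshd_option() {
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

# harden_sshd_config FILE
# Applies the settings from the comment above plus two companions: public-key
# auth must stay enabled, and keyboard-interactive (PAM) prompts are closed so
# that "PasswordAuthentication no" cannot be bypassed through PAM. Newer OpenSSH
# calls the last option KbdInteractiveAuthentication; the old name is still
# accepted as an alias, which is why it is used here.
harden_sshd_config() {
    cfg=$1
    set_sshd_option "$cfg" PasswordAuthentication no
    set_sshd_option "$cfg" PermitEmptyPasswords no
    set_sshd_option "$cfg" PubkeyAuthentication yes
    set_sshd_option "$cfg" ChallengeResponseAuthentication no
}

# check_sshd_config FILE  -> exit 0 only if both directives from the comment
# are in effect, so it can be used as a post-change (or audit) check.
check_sshd_config() {
    [ "$(get_sshd_option "$1" PasswordAuthentication)" = no ] &&
    [ "$(get_sshd_option "$1" PermitEmptyPasswords)" = no ]
}

# Constructed sample: a typical default-ish sshd_config fragment, password
# login left at its (commented) default of "yes" and empty passwords allowed.
SAMPLE_CONFIG='# constructed sample sshd_config for the demo
Port 22
#PasswordAuthentication yes
PermitEmptyPasswords yes
UsePAM yes'

# demo: run the whole thing on a temp copy and report before/after status.
demo() {
    d=$(mktemp)
    printf '%s\n' "$SAMPLE_CONFIG" > "$d"
    if check_sshd_config "$d"; then echo "before: already hardened"; else echo "before: NOT hardened"; fi
    harden_sshd_config "$d"
    if check_sshd_config "$d"; then echo "after: hardened"; else echo "after: still NOT hardened"; fi
    echo "--- resulting file ---"; cat "$d"
    rm -f "$d"
}

demo
```

On a real host, run it against `/etc/ssh/sshd_config` only after your key-based login has been tested from a second session, then validate with `sshd -t` and reload the service; otherwise you can lock yourself out of the very box you are trying to clean. The check function is also handy afterwards as a one-line audit that the setting has not been reverted.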
halczy
2014-12-17 12:43:55 +08:00
Best to follow this article: public-key login, install Fail2ban, and set up iptables.

https://www.linode.com/docs/security/securing-your-server/
Navee
2014-12-17 12:49:45 +08:00
I received one of these before as well.
At the time it had picked up a trojan.
I tried changing the password and disabling password login, neither of them helped.
In the end all I could do was back up the data, reinstall the system, and install fail2ban.
You can refer to the solution I used back then: http://www.coolcode.me/blog/2014/08/65
SharkIng
2014-12-17 16:33:02 +08:00
Probably a root-privilege problem that got it turned into a zombie; I've run into this before.
hicdn
2014-12-17 17:39:12 +08:00
Did you have port 53 open to the outside?
