I'm hosting my application on an AWS Ubuntu server, and I've noticed that the following files keep getting created automatically:
xmirig.tar.gz
failed.log
monitor.log
exploites.log
next-env.d.ts
I did not create these files manually, and they keep appearing on the server.
I'm trying to understand:
What process could be creating these files?
Could this indicate that my server has been compromised?
How can I identify which process or service is generating them?
Are any of these files associated with malware or crypto miners?
The server is running Ubuntu on AWS EC2.