An Ethereum mining software that runs on ethOS uses by default the operating systems SSH creds, Hackers are using these creds to gain entrance and replace them with a redirect. by doing this the mining revenue is redirect to the hackers vWallets. This is a new technique hackers are using to steal Ethereum. Hackers have been trying strange SSH usernames and passwords.
They are using an attackers bot to help them. To fix this for your account all you have to do is change the OS default creds and replace them with a custom one. Just change default creds and you will be okay, its a simple procedure, but most people over look this area.
There are now scanners that are looking for these vulnerabilities, if you leave them open this is just like leaving your keys in the door for them to just right on in. You might as well just hand them your vWallet as you are advertising "come and take it"
