It is the first time, I received the abuse alert form Burst.net, the VPS service provider.
They said there is some malicious content on my VPS. Their backbone providers found it and reported to them and Burst ask me to respond in 24 hours.
I click the like they provided. It is a picture. It is just an image file with jpg extension. I can open it in the browser. But I want to do even more to investigate.
So I download it and use Notepad++, which is a free open source text editor software, to open it. At the end of the file, the harmful content is shown as below: