Last Year’s Outlaw Attack Has A Lot Of Similarities With Monero’s New Botnet


There is another Monero mining botnet that is targeting China. Or maybe it is one we have seen before.

Bloggers who are well versed in the hacker universe recently uncovered a URL disseminating a botnet that looks deviously like one allowed to run riot by the Outlaw hacking group just last year. The Outlaw group (a name devised by the people who discovered it at Trend Micro, as they simply translated “the Romanian word haiduc, the hacking tool the group primarily uses”) is notorious for its release, some time back, of a Perl-based shellbot that exploits weaknesses found in the Internet of Things (IoT).

The new attack was exposed by Trend Micro’s honeypot security systems. So far, it has been limited to computers in China. The malware is disseminated through a malicious URL that bundles in a backdoor-based exploit and a Monero-mining script.

Trend Micro believes that hackers have mined about $250,000 monthly in Monero from crypto-jacking.

The Outlaw botnet uses a Secure Shell (SSH) exploit and brute-force attacks, which give the attackers remote access to the victim’s computer. A more in-depth report on the previous Outlaw attack showed that as soon as the hackers have access, the malware promptly executes a command that downloads and installs the crypto miner payload. In addition, if the malware notices another cryptocurrency miner already installed on the user’s system, it will delete that software to reduce competition for the system’s resources.
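For defenders, the brute-force-then-login pattern described above is visible in SSH authentication logs. The following is an added example, not code from Trend Micro's report or the original article: it flags password logins that follow a burst of failures from the same address. The OpenSSH syslog line format, the function name, the threshold, the time window and the sample log lines are all assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sshd auth-log lines (documentation IP ranges, not real data).
SAMPLE_LOG = """\
Jun 10 03:12:01 gw sshd[1001]: Failed password for root from 203.0.113.7 port 40022 ssh2
Jun 10 03:12:03 gw sshd[1002]: Failed password for invalid user admin from 203.0.113.7 port 40030 ssh2
Jun 10 03:12:05 gw sshd[1003]: Failed password for root from 203.0.113.7 port 40041 ssh2
Jun 10 03:12:06 gw sshd[1004]: Failed password for root from 203.0.113.7 port 40050 ssh2
Jun 10 03:12:08 gw sshd[1005]: Failed password for root from 203.0.113.7 port 40058 ssh2
Jun 10 03:12:10 gw sshd[1006]: Accepted password for root from 203.0.113.7 port 40066 ssh2
Jun 10 09:30:00 gw sshd[2001]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Jun 10 09:30:09 gw sshd[2002]: Accepted password for alice from 198.51.100.20 port 51004 ssh2
Jun 10 11:00:00 gw sshd[3001]: Failed password for root from 192.0.2.50 port 60000 ssh2
"""

LINE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+) port"
)

def logins_after_bruteforce(log_text, threshold=5, window_s=600, year=2024):
    """Return (ip, user, failures) for each password login preceded by at least
    `threshold` failures from the same IP within `window_s` seconds."""
    recent = defaultdict(deque)          # ip -> timestamps of recent failures
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        stamp, outcome, user, ip = m.groups()
        # Syslog omits the year; `year` is an assumption supplied by the caller.
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        fails = recent[ip]
        while fails and when - fails[0] > timedelta(seconds=window_s):
            fails.popleft()              # drop failures outside the window
        if outcome == "Failed":
            fails.append(when)
        elif len(fails) >= threshold:
            hits.append((ip, user, len(fails)))
            fails.clear()
    return hits

if __name__ == "__main__":
    for ip, user, n in logins_after_bruteforce(SAMPLE_LOG):
        print(f"ALERT {ip} logged in as {user} after {n} failed attempts")
```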

The security specialists noted that the backdoor component can be used to launch distributed denial-of-service (DDoS) attacks, which would let the cyber criminals monetize their botnet not by mining alone, but also by offering DDoS-for-hire services.

On the other hand, because the scripts have not been activated, Trend Micro is certain that the cyber criminals are in the testing and development phase of the botnet. They suggest the malware may be dormant at this time until updated versions of the botnet are released.
This comment led TheNextWeb to wonder whether the botnet has mined any cryptocurrency or whether they’ve made any successful hacks yet.

Source: https://www.coindesk.com/new-monero-botnet-looks-like-last-years-outlaw-attack

About the author

Jo Arazi

Jo is a seasoned writer and analyst of the cryptocurrency market with several years of experience writing for various blogs and websites worldwide. He has worked with several crypto startups and is a supporter of credible crypto projects worldwide.
