In a recent blog post, Trend Micro reported that a hacking group named Outlaw is back after several months of inactivity. The group is using upgraded malware to attack servers with weak security in order to steal crypto assets. The latest malware infects systems to use their computing power to secretly mine crypto, and then afterwards executes the crypto miners working on them.
Outlaw Advances to Europe and the United States
The Outlaw attacks emanate from a virtual private server (VPS), which seeks out systems with weak security to compromise. On an infected system, the botnet sends binary files to spread the malware through the system. The latest attacks prey on servers that have weak cybersecurity or have yet to upgrade their security systems.
Outlaw was first discovered two years ago in China. The crime group had been testing and improving its equipment and strategies in China, on top of attacking mining systems in the country. However, the hacking group has decided to shift from China this year, and it is advancing towards Europe and the United States.
Upgraded Malware Kills Miners
The newly upgraded botnet infects systems and wipes out the existing mining software. Trend Micro has been closely monitoring and studying the hacking group for a long time. According to the collected samples, the botnets are also stealing information from firms in the financial space. The hacking group can then sell the stolen data later.
The study also notes that the hacker group is targeting corporate servers and personal electronic devices like Android TVs. The researchers identified APKs and Android Debug Bridge commands that make the TVs start mining without the owner’s knowledge. However, as per the study, the malware will only attack corporate servers yet to be upgraded.