Outlaw hackers going after enterprise servers to mine crypto
As security tightens and crypto fans become more aware, hackers are setting their sights on bigger targets
Like any other industry, the cryptocurrency industry is not safe from thieves and scammers. The interesting part is that hackers are sometimes not looking to take money away from people, but to take advantage of their computing power. Mining cryptocurrencies is still a profitable activity, but it involves great expense in electricity and the right equipment, and hackers seem to have found a solution for that: using poorly secured enterprise servers to boost their crypto mining.
Another hit from the Outlaw hacking group, which was first spotted in 2018, has been unveiled after months of apparent inactivity. Researchers at Trend Micro pointed out malicious commands and clues in the shell script components of a botnet developed by these hackers, who are focusing on Chinese victims for the current cryptocurrency mining campaign. This botnet comes with a Monero (XMR) miner, and the months of silence allowed the group to refine the system so that it can now identify other, similar miners on infected systems and get rid of them.
It doesn’t look like the group will be satisfied with China alone: Trend Micro already detected a peak in activity in December, confirming a move of the testing ground to the US and Europe. Last Monday in a blog post, Trend Micro stated that there are other upgrades such as “expanded scanner parameters and targets, looped execution of files via error messages, improved evasion techniques for scanning activities, and improved mining profits by killing off both the competition and their own previous miners.” It was also reported that Outlaw is targeting Linux- and Unix-based operating systems, Internet of Things (IoT) devices, and corporate services that are lacking security.