Hacking Group Re-Emerges, Steals Crypto While Killing Mining Software

Tue, 02/11/2020 - 16:24
Yuri Molchan
A group of hackers returns, switching between China, the US and Europe, now targeting corporate servers to steal crypto and kill mining software with modified malware.
Cover image via 123rf.com

In a recent blog post, Trend Micro reports that a group of hackers calling themselves Outlaw has returned after several months of silence and is attacking weakly secured servers. It is now using upgraded malware that first infects systems in order to secretly mine crypto with their computing power and then kills the crypto miners already running on them.

Attackers moving from China to Europe and US

The re-emerged hacking group, Outlaw, is now targeting corporate systems that lack serious cyber protection or have not yet upgraded their security systems. The hackers are now using an upgraded set of malware and targeting systems that mine digital currencies.

The group first ‘presented itself to the world’ back in 2018 and, over the last year, has been improving and testing its new equipment while attacking crypto miners in China.

However, this year, the Outlaw hackers have switched to the US and Europe.

Upgraded malware eliminates miners

The upgraded botnet infects corporate servers and erases the existing crypto mining software on them. The Trend Micro cyber research team has been studying the Outlaw hackers for a long time. The samples they managed to find indicate that the hackers are also using their botnet to steal data from servers used by companies in the financial sector in order to sell it later on.

However, the study says that the hackers are not only going to attack corporate servers that have not yet been upgraded. The researchers also mention they found commands for Android APKs and Android Debug Bridge. These can make Android-powered TVs begin mining crypto without the owners knowing.

About the author

Yuri is a crypto journalist interested in technology and technical innovations. He has been in crypto since 2017. He believes that blockchain and cryptocurrencies have the potential to transform the world in many of its aspects in the future. He ‘hodls’ major cryptocurrencies and has written for multiple crypto media outlets.

His articles have been quoted by such crypto influencers as Tyler Winklevoss, John McAfee, CZ Binance, Max Keiser, etc.

Currently Yuri is a news writer at U.Today and can be contacted at yuri.molchan@u.today.