In a recent blog post, Trend Micro reports that a group of hackers calling themselves Outlaw has returned after several months of silence and is attacking servers with weak security levels. However, now it is using upgraded malware which first infects systems to use their computation power to secretly mine crypto and then kills the crypto miners working on them.
Attackers moving from China to Europe and US
The re-emerged hacking group, Outlaw, is now targeting corporate systems that lack serious cyber protection or have not yet upgraded their security systems. The hackers are now using an upgraded set of malware and target systems that mine digital currencies.
The group first ‘presented itself to the world’ back in 2018 and, over the last year, have been improving and testing their new equipment while attacking crypto miners in China.
However, this year, the Outlaw hackers have switched to the US and Europe.
Upgraded malware eliminates miners
The upgraded botnet infects corporate servers and erases the existing crypto mining software on them. The Trend Micro cyber research team have been studying the hackers from Outlaw for a long time. The samples they managed to find say that the hackers are also using their botnet for stealing data from servers used by companies in the financial sector in order to sell it later on.
However, the study says that the hackers are not only going to attack corporate servers that have not yet been upgraded. The researchers also mention they found commands for Android APKs and Android Debug Bridge. These can make Android-powered TVs begin mining crypto without the owners knowing.