(Financial News) A group of hackers known as “Outlaw”, which specializes in hijacking the computing power of victims’ Linux machines to mine Monero, has again begun attacking US- and European-based enterprises with new tools.
Trend Micro reports that the Outlaw hacker group has begun to infiltrate Linux-based enterprise systems to take over their computing power and use it for covert mining of the Monero cryptocurrency. The report says Outlaw uses a combination of existing tools and new methods to monitor programs that can detect malware.
The improved malware can also track and disable existing mining bots it detects on infected systems, thereby eliminating competition and increasing profits. Past iterations could only partially reduce the activity of competing mining programs. Trend Micro reports that Outlaw’s activity began to rise in December after several months of inactivity.
“We expect the group to be more active in the coming months, as we observed changes in the versions of malware that came into our hands,” the report said.
Although Outlaw was previously limited to computer systems in China, the Trend Micro report says the hackers are now targeting businesses in Europe and the US. The company found that the group also attacked several honeypots located in Eastern Europe.
The report does not disclose the names of enterprises in the United States or other countries that have been affected by Outlaw malware. Trend Micro suggests that the hackers may also try to steal information and sell it to the highest bidder. The report said that companies in the financial and automotive industries that had not updated their security systems for a long time were the most vulnerable to attacks.
Last February, it was reported that a hidden Shellbot miner for mining Monero had been discovered on Linux devices. This is yet another hack by the group known as Outlaw. Last summer, Trend Micro claimed to have detected a botnet spread by the same hacker group with an XMR mining component and a backdoor.