Monero Hacker Group 'Outlaw' Is Back and Targeting American Business: Report

Published on by Coindesk | Published on

A group specializing in hijacking victims' computer power to mine for monero has returned with new tools to attack businesses based in the U.S. and Europe.

Japanese cybersecurity firm Trend Micro reported Monday the group, known as Outlaw, had begun infiltrating Linux-based enterprise systems in order to hijack computer power and mine for the privacy coin monero, a process known as cryptojacking.

Trend Micro's report said Outlaw used a combination of pre-existing tools and new techniques to monitor for programs that could detect its malware.

The newly improved malware can also hunt down and kill existing mining bots - even the group's previous miners - found in infected systems, taking out the competition and improving mining profits.

"[W]e expect the group to be more active in the coming months as we observed changes on the versions we acquired," the report reads.

Although Outlaw had previously confined itself to computer systems in China, Trend Micro's report found it was now targeting businesses in Europe and the U.S. The cybersecurity firm found the group targeted several of its honeypots - mechanisms designed to lure hackers to attack it - situated across the Eastern European region.

The group might also try to steal information and sell it to the highest bidder, Trend Micro said.

In 2019, Trend Micro detected the group attacking computer systems in China with a similar malware design that would hijack computer power to mine monero.

Very little is known about the Outlaw hacking group, not even what it call itself.

Trend Micro coined the name "Outlaw" as a translation of the Roman word haiduc, which is the name of one of the group's favorite hacking tools.

x