Cybersecurity firm finds similarity in Monero botnet and “Outlaw” attack

  • Outlaw, the hacking group, used “Haiduc” to attack a vulnerable system on the internet.
  • Presently, the hackers are spreading malware through a malicious URL.

TrendMicro’s Security Intelligence Blog has recently discovered a URL that circulates a Monero mining botnet which is almost identical to a similar botnet created by the Outlaw hacking group. TrendMicro states that, though the botnet is still in its testing phase, infection attempts have already been carried out in China. Hackers use the group’s primary hacking tool, dubbed “Haiduc” (also the Romanian word for “outlaw”), which is a Perl-based shellbot that attacks vulnerabilities in the Internet of Things.

Previously, the hacking group used to look for a vulnerable system on the internet to launch an attack. At present, it is reported that the malware is primarily being spread through a malicious URL which consists of a Monero-mining script as well as a backdoor-based exploit. 

Once Haiduc comes across a vulnerability, or the URL has been accessed, the botnet uses a brute-force exploit that gives the attackers remote access to the victim’s system. After the system is under the control of the hackers, the malware downloads the cryptocurrency miner payload. The malware also deletes any cryptocurrency mining software already installed on the system.

The bot is also reportedly “capable of launching distributed denial-of-service (DDoS) attacks, allowing the cybercriminals to monetize their botnet through cryptocurrency mining and by offering DDoS-for-hire services.” DDoS attacks occur when multiple systems attempt to overwhelm the bandwidth of another targeted system. If the attack is successful, the system will be so overwhelmed that it will not be accessible to anyone besides the person launching the attack. DDoS attacks are quite prominent in the crypto sphere.

RWTH Aachen University in Germany reported that this kind of involuntary crypto mining, known as “cryptojacking,” amounts to over $250,000 worth of cryptocurrency per month.
 




Copyright © 2024 FOREXSTREET S.L., All rights reserved.