Trend Micro: Outlaw Hacking Group’s Botnet Is Now Spreading a Monero Miner

Cybersecurity company Trend Micro claims to have detected a web address spreading a botnet featuring a monero (XMR) mining component alongside a backdoor. The malware was described on Trend Micro’s official blog on June 13.

Per the report, the firm attributes the malware to Outlaw Hacking Group, as the techniques employed are almost the same as those used in its previous operations. The software in question also has Distributed Denial of Service (DDoS) capabilities, “allowing the cybercriminals to monetize their botnet through cryptocurrency mining and by offering DDoS-for-hire services.”

Trend Micro also believes that the creators of the malware in question are still testing and developing it, since it contained some scripts that were included but not executed. The firm’s telemetry also reportedly detected infection attempts in China.

As Cointelegraph reported earlier this month, Trend Micro had confirmed that attackers have been exploiting a vulnerability in the Oracle WebLogic server to install monero mining malware while using certificate files to obfuscate the endeavor.

In May, Firefox Quantum, the latest version of open-source internet browser Firefox, announced a new privacy toggle that protects against cryptojacking. Users can now toggle an opt-in feature that purportedly blocks would-be cryptojackers from taking advantage of spare computing power to mine cryptocurrencies.
