The Outlaw botnet, identified by cybersecurity researchers as a significant threat, targets SSH servers with weak credentials for cryptocurrency mining. Active since at least late 2018, Outlaw uses a multi-stage infection process and SSH brute-force techniques to control and spread through compromised systems. Its operators also employ sophisticated self-propagation capabilities, continuously looking for vulnerable Linux systems, and their infection methodology includes removing competition and maintaining persistence by manipulating SSH configurations. Researchers associate Outlaw with Romanian cybercriminals, who compete with other notable cryptojacking groups.
Outlaw self-propagates through SSH brute-force attacks, targeting SSH servers with weak credentials to maintain control.
This malware utilizes a multi-stage infection process, deploying a shell script to download and execute mining operations while maintaining persistence on compromised servers.
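A defender-side check for the brute-force pattern described above, as an added example that is not part of the original page: it scans OpenSSH auth log lines for a password login accepted from a source that had just produced repeated failures. The log lines are constructed, and the function name and the threshold of 5 failures are assumptions.

```python
import re
from collections import defaultdict

# OpenSSH sshd messages for failed and accepted password logins.
AUTH_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def find_bruteforce_successes(lines, min_failures=5):
    """Return (ip, user, failures) for every accepted password login that
    follows at least min_failures failed attempts from the same source IP.
    min_failures is an assumed threshold; tune it to your environment."""
    failures = defaultdict(int)
    hits = []
    for line in lines:
        m = AUTH_RE.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
            continue
        # Accepted login: suspicious only after a run of failures.
        if failures[ip] >= min_failures:
            hits.append((ip, m["user"], failures[ip]))
        failures[ip] = 0  # start a fresh count for this source
    return hits

# Constructed sample: six guesses then a hit from one source, and a
# legitimate user who mistypes a password once from another source.
SAMPLE_LOG = [
    f"Mar 10 03:12:0{i} web01 sshd[210{i}]: Failed password for invalid user {u} "
    f"from 203.0.113.7 port 4011{i} ssh2"
    for i, u in enumerate(["admin", "test", "oracle", "ubuntu", "git", "pi"])
] + [
    "Mar 10 03:12:09 web01 sshd[2110]: Accepted password for root from 203.0.113.7 port 40120 ssh2",
    "Mar 10 08:30:11 web01 sshd[2200]: Failed password for alice from 198.51.100.20 port 51000 ssh2",
    "Mar 10 08:30:19 web01 sshd[2201]: Accepted password for alice from 198.51.100.20 port 51002 ssh2",
]

if __name__ == "__main__":
    for ip, user, count in find_bruteforce_successes(SAMPLE_LOG):
        print(f"possible brute-force success: {user}@{ip} after {count} failures")
```

A hit is a prompt to review that host's SSH configuration and authorized keys for changes, since the page notes that persistence is maintained by manipulating SSH configurations.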