Bagikan artikel ini
New Monero Botnet Looks Like Last Year's Outlaw Attack
A rogue botnet uses a brute force attack and Secure Shell (SSH) exploit to give the attackers remote access to victim’s systems in order to mine Monero.
Oleh Daniel Kuhn
There’s another Monero mining botnet that’s targeting China. Or maybe it’s one we’ve seen before.
Bloggers steeped in the hacker-verse recently exposed a URL spreading a botnet that looks suspiciously like one unleashed by the Outlaw hacking group last year. The Outlaw outfit -- a name coined by its discoverers at Trend Micro, who translated “the Romanian word haiduc, the hacking tool the group primarily uses” -- is infamous for its previous release of a Perl-based shellbot that infiltrates through weaknesses in the Internet of Things.
STORY CONTINUES BELOW
Jangan lewatkan cerita lainnya.Berlangganan Newsletter Crypto Daybook Americas hari ini. Lihat semua newsletter
The new attack, uncovered by Trend Micro’s honeypot security systems, has been restricted to computers based in China so far. The malware is spread through a malicious URL which bundles in a Monero-mining script and a backdoor-based exploit.
Trend Micro estimates that hackers have used crypto-jacking to mine $250,000 per month in Monero.
The Outlaw botnet uses a brute force attack and Secure Shell (SSH) exploit to give the attackers remote access over victim’s systems. A more detailed report of Outlaw’s previous attack showed that once the attackers have access, the malware executes commands to download and install the cryptocurrency miner payload. Additionally, if the malware detects cryptocurrency miners already installed on the system, it will delete them to reduce competition for system resources.
The security experts also noted that the backdoor component is also capable of launching distributed denial-of-service attacks which would allow the cybercriminals to monetize their botnet not only through mining, but by offering DDoS-for-hire services.
However, because the scripts haven’t been activated, Trend Micro believes the hackers are still in the testing and development phase. They suggest the malware may be laying dormant until future editions of the botnet are released.
This comment lead TheNextWeb to speculate whether the botnet has mined any cryptocurrency or made any successful attacks yet.
Monero image via CoinDesk Archives
Lebih untuk Anda
Yang perlu diketahui:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
Lebih untuk Anda
Traders mull the bottom as bitcoin returns to week's lows below $86,000
One analyst isn't quite ready to call a bottom, but says bitcoin is surely in an oversold condition.
Yang perlu diketahui:
- Bitcoin's early rally Wednesday seems a faint memory as the price has returned to the week's lows.
- Precious metals continue to get bid, with silver rushing to yet another new record and gold closing in on an all-time high.
- One analyst cautioned against reading too much into the current bitcoin price action due to year-end positioning and tax considerations.
Top Stories
