Monero (XMR) Mining: Outlaw Shellbot Infects Linux Servers To Mine XMR

The latest news places Monero (XMR) in the hacking spotlight again.

The Outlaw group is currently conducting an active campaign which targets Linux systems in crypto mining attacks, reports ZDNet.

The JASK Special Ops research team has revealed some more details of the attack which seems to have been focused on seizing infrastructure resources in order to support illicit Monero (XMR) mining activities.

Using a refined Shellbot version

It looks like the campaign is using a sophisticated variant of Shellbot which is a Trojan that carves a tunnel between an infected system and a command-and-control server (C2) that’s operated by hackers.

ZDNet reveals that the backdoor is able to collect system and personal data, terminate or run tasks and processes, download payloads, open remote command line shells and more.

“The bot first emerged in November 2018. According to Trend Micro, the malware is the work of the Outlaw group, a rough translation derived from “haiduc,” a Romanian phrase which has been bequeathed to the main hacking tool the group uses,” they write.

Shellbot is an IRC bot that’s distributed via common command injection vulnerabilities which target Linux servers and also various IoT devices.

It can reportedly affect Windows environment and Android devices as well.

The C2 is still active, and the botnet is growing,” the security researchers say.

They continue and explain that “The multistage payloads suggest reuse and repurpose of shellbot code used by operators in different regions of the world, including Brazil and Romania. JASK also has observed newly adapted payloads that craft specific mining tasks for different architectures and post exploitation worm-like behavior.”

Closing words

Mining Monero became the favorite thing for hackers because they have access to a large number of computers among others.

Monero became a widely-used form of money in the criminal world, and this means that those mining XMR can use it to trade for other goods and services on the crypto market.

Eduard Watson Author

An experienced finance writer for more than 10 years, active industry watcher, and gadget enthusiast.

Crypto Destroyer

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.