A black-hat hacking group that runs crypto-mining botnets, Outlaw, has resurfaced after months of silence, according to IT security company Trend Micro. The hacking group, which Trend Micro first discovered in 2018, has upgraded its botnet, which can now infect Android-based smart TVs and force them to secretly mine for cryptocurrency.
Previous versions of the botnet targeted Chinese users, but this was just a testing ground, said Trend Micro. Now it’s targeting automotive and finance companies based in the US and Europe, especially companies that haven’t upgraded their security systems, according to the security company's report yesterday. Another of its aims is to steal, and then resell, sensitive information from the companies.
In addition, Outlaw’s upgraded botnet increases profits “by killing off both the competition and their own previous miners,” Trend Micro said in its report. Previous versions of the botnet tried to hijack profits from competing miners. "We also found traces of Android Package Kits- (APK-) and Android Debug Bridge (ADB)-based commands that enable cryptocurrency mining activities in Android-based TVs," the researchers said.
Outlaw’s resurgence in miners suggest that cryptojacking—where hackers use someone else’s computer to mine for cryptocurrency—is on the up. However, reports from Check Point Security in August found that, while cryptojacking is still a major threat, it’s on the decline. In the first half of 2018, 42% of organizations around the world had been infected by crypto-miners. For the same time frame in 2019, the figure fell to just 26%.
Troy Mursch, chief research officer at Bad Packets, a cybersecurity company that specializes in tracking cryptojacking threats, told Decrypt in August that cryptojacking declined in popularity due to the falling price of crypto: it’s “no longer a profitable income method for cybercriminals as the price of cryptocurrency hasn't returned to previous all-time high levels,” he said.
But the crypto market could be on the uptick—Bitcoin just hit $10,000. Is cryptojacking making its comeback?