The Outlaw hacking group was detected in the early stages of a botnet campaign spreading Monero miners bundled with Perl-based backdoors.
Researchers believe those behind the campaign are still in their testing phase, although infection attempts have been spotted in China, according to a June 13 Trend Micro blog post.
The malware gains access to a system with brute-force attacks via SSH, executes two possible command files and is capable of sending remote commands to download and execute the malware.
In addition, the Perl-based backdoor component is capable of launching distributed denial-of-service (DDoS) attacks, allowing the cybercriminals to monetize their botnet through cryptocurrency mining and by offering DDoS-for-hire services.
Researchers recommend that users close unused ports and secure the ports that are regularly left open for system administrators’ support.