Operation Outlaw is Back
The Outlaw Hacking Group infected multiple regions around the world with a new version of malicious software known as ShellBot. The malware contains a crypto-currency miner and a ssh backdoor with multiple variants appearing on the threat landscape since at least 2005. The latest variant includes a new IRC server and Monero pools and like past versions is focused on Linux servers. The malicious files are spread across four directories and contain code which executes either certain days or at reboot.