VERY IMPORTANT

As we’ve observed with cybercriminal groups that aim to maximize profits for every campaign, silence doesn’t necessarily mean inactivity. It appears hacking group Outlaw, which has been silent for the past few months, was simply developing their toolkit for illicit income sources. While they have been quiet since our June analysis, we observed an increase in the group’s activities in December, with updates on the kits’ capabilities reminiscent of their previous attacks. The updates expanded scanner parameters and targets, looped execution of files via error messages, improved evasion techniques for scanning activities, and improved mining profits by killing off both the competition and their own previous miners.