Intel Name: Outlaw cybergang attacking targets worldwide
Date of Scan: May 6, 2025
Impact: Medium
Summary: Outlaw, also known as “Dota,” is a Perl-based crypto-mining botnet targeting Linux systems by exploiting weak or default SSH credentials. While previously observed in honeypots, a recent real-world incident in Brazil highlights its continued effectiveness. Public telemetry data shows that Outlaw targets multiple countries and regions, and the report includes TTPs and defensive best practices for protecting against this threat.
