Widely attributedUnknown

Outlaw

Long-running cryptomining threat group using IRC-based botnets and SSH brute-forcing to compromise Linux servers. Also known as Perlbot and Shellbot due to use of Perl-based malware.

Compare attribution across sources →

Attribution signal

?Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score.≥ 10 High≥ 3 Moderate< 3 Low

0.8

Low signal strength

Mentions1

Sources1

High conf.1

Last seenMay 2026

First observed

—

Last active

—

Origin

—

Aliases

Techniques

Campaigns

TargetsCloudTechnology

RegionsGlobal

Attribution signals

1 mention · 1 source

#1high

MalwareTTP match

sans-isc

May 2026

Campaign: mdrfckr