"10-Year-Old 'RUBYCARP' Romanian Hacker Group Surfaces with Botnet"

"RUBYCARP," a threat group with suspected Romanian origins, has been observed operating a long-running botnet for cryptocurrency mining, Distributed Denial-of-Service (DDoS), and phishing attacks. According to Sysdig, the group has been active for at least ten years and uses the botnet for financial gain. Its main mode of operation is to deploy the botnet through various public exploits and brute-force attacks. Evidence so far suggests that RUBYCARP may overlap with another threat cluster tracked by the cybersecurity company Alphatechs under the name "Outlaw," which performed cryptocurrency mining and brute-force attacks before shifting to phishing and spear-phishing campaigns. This article continues to discuss findings regarding the RUBYCARP threat group.

THN reports "10-Year-Old 'RUBYCARP' Romanian Hacker Group Surfaces with Botnet"

Submitted by grigby1

Submitted by Gregory Rigby on