- “Operation Lightning” dismantles the SocksEscort proxy botnet
- 369,000+ routers and IoT devices compromised in 163 countries
- Law enforcement seized domains, servers and $3.5 million in crypto
An international law enforcement operation called “Operation Lightning” took down SocksEscort, a malicious residential proxy network that counted thousands of devices and defrauded people out of millions of dollars.
A malicious home proxy is a service that routes Internet traffic through real home devices and IP addresses previously infected with malware. Attackers use these proxies to hide their true location and appear as normal users online, which helps them evade security systems and engage in various malicious activities such as credentials, ad fraud, account takeover and more.
A Europol press release noted that SocksEscort compromised more than 369,000 routers and Internet of Things (IoT) devices in 163 countries and offered its customers more than 35,000 proxies in recent years. The international law enforcement agency said Operation Lightning took down 34 domains and 23 servers in seven countries, while 3.5 million in cryptocurrency was seized in the United States.
The article continues below
Infected with AVrecon
Discussing the many victims of SocksEscort, the U.S. Attorney’s Office for the Eastern District of California said a cryptocurrency exchange customer in New York was defrauded of $1 million, while a manufacturing company in Pennsylvania lost $700,000. Both current and former US service members with Military Star cards were also defrauded of $100,000.
Europol said the compromised devices were infected with malware through a vulnerability “in the residential modems of a specific brand”, without saying which brand it was.
An earlier one Cancer The report said the crooks deployed the AVrecon malware against small office and home office routers. The same report stated that SocksEscort was 12 years old at the time, meaning it was 15 years old when it was finally taken down.
During its analysis, Black Lotus Labs described SocksEscort as “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history.”
Via The register
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
