- “Operation Lightning” Takes Down SocksEscort Proxy Botnet
- More than 369,000 routers and IoT devices compromised in 163 countries
- Law enforcement seized domains, servers and $3.5 million in crypto
An international law enforcement campaign called “Operation Lightning” took down SocksEscort, a malicious residential proxy network that had thousands of devices and scammed millions of dollars.
A malicious residential proxy is a service that routes internet traffic through real home devices and IP addresses previously infected with malware. Attackers use these proxies to hide their real location and appear like normal users online, which helps them evade security systems and engage in different malicious activities such as credential stuffing, ad fraud, account takeover, etc.
A press release from Europol states that SocksEscort has compromised more than 369,000 routers and Internet of Things (IoT) devices in 163 countries and offered its customers more than 35,000 proxies in recent years. The international law enforcement agency said Operation Lightning took down 34 domains and 23 servers in seven countries, while 3.5 million cryptocurrencies were seized in the United States.
Article continues below
Infected by AVrecon
Of SocksEscort’s many victims, the U.S. Attorney’s Office for the Eastern District of California said a cryptocurrency exchange customer in New York was defrauded out of $1 million, while a manufacturing company in Pennsylvania lost $700,000. Current and former U.S. military personnel with Military Star cards were also defrauded out of $100,000.
Europol said the compromised devices were infected with malware, via a vulnerability “in residential modems of a specific brand”, without specifying which brand it was.
One sooner Krebs The report states that the crooks were deploying AVrecon malware against routers in small businesses and home offices. The same report stated that SocksEscort was 12 years old at the time, meaning he was 15 years old when he was finally taken down.
During its analysis, Black Lotus Labs described SocksEscort as “one of the largest botnets targeting small office and home office (SOHO) routers seen in recent history.”
Via The register
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
