International law enforcement agencies have successfully shut down SocksEscort a major botnet service built from tens of thousands of hacked home and small business routers. Reports Techcrunch.com.
The operation targeted the paid proxy service which allowed cybercriminals worldwide to hide their identities while committing various crimes including ransomware and DDoS attacks as well as distributing child sexual abuse material according to authorities.
The Department of Justice announced that the botnet facilitated hacking into bank and cryptocurrency accounts plus filing fraudulent unemployment claims costing Americans millions of dollars. Europol reported that over 369000 routers and Internet of Things devices across 163 countries were compromised with infected devices now disconnected from the service.
Users of the criminal service paid for licenses to abuse these infected routers without the owners knowledge. The botnet consisted of around 280000 routers since January and was powered by malware known as AVRecon according to cybersecurity firm Black Lotus Labs which assisted in the takedown.
Black Lotus Labs described the botnet as a significant threat marketed exclusively to criminals with more than half of victims located in the United States or the United Kingdom. The service originally started in 2009 as a Russian language operation selling access to hacked computers.
The official SocksEscort website now displays a seizure notice placed by law enforcement as part of the coordinated international effort.
Read “Zamin” on Telegram!
