The US Department of Justice has confirmed that it has seized and destroyed the infrastructure of a Russian botnet that hijacked millions of devices around the world and used them as proxy servers.
According to prosecutors, Rsocks, a web proxy service operated by unknown Russian cybercriminals, provided its service by hacking into millions of computers, smartphones and Internet of Things devices and converting them into unintentional proxy servers. Paying customers could then use the IP addresses of the compromised devices without the permission or knowledge of the owners.
Rsocks’s own Twitter account claimed to have access to over eight million residential devices and over one million mobile IPs.
Proxy services, which are not inherently illegal, provide their customers with IP addresses for a fee, for purposes such as bypassing censorship or accessing geo-blocked content in a particular region. But according to prosecutors, Rsocks was allegedly hacking millions of devices by performing brute force attacks.
Customers could access a web-based “storefront” where they could rent access to the proxies for a specific time period. Once a purchase was made, the customer could download a list of IP addresses and ports associated with one or more of the botnet’s backend servers, and then route malicious Internet traffic through the compromised devices to hide the real source of the traffic.
“It is believed that users of this type of proxy service were conducting large-scale attacks against authentication services, also known as credential stuffing, and anonymizing themselves when accessing compromised social media accounts or sending malicious emails, such as phishing messages,” the Justice Department said in a press release announcing the successful removal of the botnet infrastructure.
FBI investigators used undercover purchases to gain access to the Rsocks botnet and identify its backend infrastructure and its victims. Initial undercover purchases in early 2017 identified approximately 325,000 compromised devices, which were primarily located in the United States.
Many large public and private entities have fallen victim to the Rsocks botnet, prosecutors said, including a university, a hotel, a television studio and an electronics manufacturer, as well as home businesses, small businesses and individuals.
“Cyber criminals will not escape justice, no matter where they work,” US Attorney Randy Grossman said. “Working with public and private partners around the world, we will continually pursue them, using all means at our disposal to circumvent their threats and prosecute those responsible.”
The Rsocks botnet is the second of its kind that has recently been destroyed by US authorities. In April, the FBI revealed that it had intercepted another botnet, known as Cyclops Blink, which was operated by a group of hackers working for Russia’s GRU, the country’s military intelligence unit.