"SocksEscort is responsible for tens of millions of dollars in losses due to the activity and utilizing ransomware, ad fraud, account takeovers, identity theft, business email compromises, romance scams, and password spraying, among many others. The servers that we seized through our law enforcement operation will most definitely lead us to additional evidence that we will allow us to pursue further criminal activity."
"These types of proxy services hack residential routers and small business devices, and then sell access to the compromised machines for large-scale fraud and digital crimes. Using compromised routers allows miscreants to mask their true online location - and their criminal activities - by making it appear to originate from a legitimate home or small-business user."
"SocksEscort infected home and small business internet routers with a botnet called AVRecon. The malware allows criminals to remotely control the infected device, and direct internet traffic through the compromised routers."
Operation Lightning, a coordinated international law enforcement action, successfully disrupted SocksEscort, a residential proxy service responsible for extensive cybercriminal activity. The FBI and agencies from Austria, France, and the Netherlands seized 34 domains and 23 servers across seven countries, freezing approximately $3.5 million in associated cryptocurrency. SocksEscort infected residential and small business routers with the AVRecon botnet, enabling criminals to mask their locations and conduct large-scale fraud. The service facilitated ransomware attacks, ad fraud, account takeovers, identity theft, business email compromises, romance scams, and password spraying, causing tens of millions in losses. Approximately 124,000 users accessed the proxy network. Law enforcement continues investigating downstream criminals who utilized SocksEscort's infrastructure.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]