"Though this enterprise was built to offer criminals an avenue to proxy their traffic, users have abused and altered the network into its present state - one which directly supports many other forms of malicious activity such as obfuscating malware traffic, credential stuffing, and phishing," researchers wrote in the blog.
"Botnets such as these present a concerning and persistent threat to legitimate organizations across the internet," stated researchers highlighting the dangers posed by co-opted proxy services.
The research conducted by the telecom company is particularly focused on the relationship between ngioweb and the criminal proxy service NSOCKS.
Researchers found that 80% of the NSOCKS bots - which consists of 35,000 machines in 180 countries - originate from compromised small office/home office routers and IoT devices.
Collection
[
|
...
]