Derived from News Release Summary:
The U.S. DOJ, together with law enforcement partners in Germany, the Netherlands and the United Kingdom, have dismantled the infrastructure of a Russian botnet known as RSOCKS which hacked millions of computers and other electronic devices around the world.
- the RSOCKS botnet, operated by Russian cybercriminals, comprised millions of hacked devices worldwide.
- The botnet initially targeted Internet of Things (IoT) devices, then expanded into additional types of devices, including Android devices and conventional computers.
- the RSOCKS botnet offered access to IP addresses assigned to hacked devices.
- Cybercriminals could navigate to a web-based “storefront” which allowed the customer to pay to rent access to a pool of proxies. The cost for access to a pool of RSOCKS proxies ranged from $30 per day for access to 2,000 proxies to $200 per day for access to 90,000 proxies.
- It is believed that the users of this type of proxy service were conducting large scale attacks against authentication services, also known as credential stuffing, and anonymizing themselves when accessing compromised social media accounts, or sending malicious email, such as phishing messages.