Hijacking Your Bandwidth: How Proxyware Apps Open You Up to Risk

But is this true? To examine and understand the kind of risks a potential user might be exposed to by joining such programs, we recorded and analyzed network traffic from a large number of exit nodes of several different network bandwidth sharing services (exit nodes are computers who had these network bandwidth sharing services installed).  

From January to September 2022, we recorded traffic coming from exit nodes of some of these passive income companies and examined the nature of the traffic being funneled through the exit nodes.

First of all, our observation confirmed that traffic from other app partners are funneled to our exit node and most of it is legitimate. We saw normal traffic, such as browsing news websites, listening to news streams, or even browsing online shopping websites. However, we also identified some questionable connections. These connections demonstrated that some users were performing activities that are suspicious or possibly illegal in some countries.

A summary of suspicious activities is given in the following table. We organized these activities by similarity and noted the proxy networks where we have observed these activities.

Suspicious activity Traffic from Proxyware Applications Access to 3rd-party SMS and SMS PVA services Honeygain, PacketStream Accessing potential click-fraud or silent advertisement sites Honeygain SQL injection probing Honeygain, PacketStream, IPRoyal Pawns Attempts to access /etc/passwd and other security scans Honeygain, PacketStream Crawling government websites Honeygain Crawling of

Read more

Explore the site

More from the blog

Latest News