US disrupts Russian botnet that ‘hacked millions of devices’

The US Department of Justice (DoJ) has dismantled the infrastructure of what it described as a Russian botnet consisting of millions of hacked Internet of Things (IoT) devices.

According to the DoJ, RSOCKS was operating as a proxy service, but instead of offering customers IP addresses legitimately leased from internet service providers (ISPs), the firm was offering IP addresses that had been assigned to hacked devices. 

The DoJ said that, together with law enforcement partners in Germany, the Netherlands and the UK, it has “dismantled” the infrastructure of RSOCKS, “which hacked millions of computers and other electronic devices around the world”.

The service was available for cybercriminals to use to conceal the source of their activity, which included credential attacks on login web pages.  

“It is believed that the users of this type of proxy service were conducting large scale attacks against authentication services, also known as credential stuffing, and anonymizing themselves when accessing compromised social media accounts, or sending malicious email, such as phishing messages,” the DoJ said.

RSOCKS’s website advertising its services and prices has now been replaced with a message that it has been seized by the FBI, but previously customers could buy access to a pool of RSOCKS proxies from $30 a day for 2,000 proxies to $200 per day for 9,000 proxies, according to the DoJ.

Once purchased, the customer could download a list of IP addresses and ports associated with one or more of the botnet’s backend servers. The customer
