The US DOJ has today announced that it successfully seized the domain of RSocks – a Russian proxy service provider that’s alleged to have hijacked millions of customers’ devices for malicious activities.
RSocks evolved into a large malware botnet, prompting the FBI and other police agencies to finally take it down today. No arrests have been announced, however, in this successful operation, which spanned more than 5 years.
Taking Down a Russian Botnet
RSocks, a Russian-based proxy service, has today been taken down by the FBI in a joint operation with police forces from Germany, the Netherlands, and the United Kingdom. The service was alleged to be exploiting its customers by hijacking their computers, Android smartphones, and IoT devices under the guise of offering a proxy network service.
We’ve seen this kind of exploitation in the past, where a few proxy services have hacked the devices of their customers to add them to their botnet. These devices are then used for various malicious activities such as phishing attacks, credential stuffing, and account takeover attempts.
Since these activities are illegal, the FBI has seized RSocks today with the help of other police agencies. RSocks used to provide residential IP addresses to its customers, which are more reliable than regular VPNs and are blocked less often by sites.
To capture RSocks, the US DOJ said that in 2017 it purchased RSocks proxy pools, priced from $30 per day for 2,000 proxies to $200 per day for 90,000 proxies, and studied how its infrastructure works.
After working out the mechanism and proving that RSocks was hacking customers’ devices, they finally captured the domains and seized the entire RSocks infrastructure. However, no arrests have been announced regarding this operation.