
Vast Criminal Proxy Network Exposed, Exploiting IoT and EoL Devices Worldwide

Thousands of IoT and EoL devices worldwide hijacked for criminal activities. Security experts urge proactive monitoring and device replacement.


A vast criminal proxy network has been exposed, utilising thousands of IoT and end-of-life (EoL) devices worldwide to create a botnet for online anonymity. Lumen's Black Lotus Labs, collaborating with international law enforcement, has disrupted the network's command-and-control infrastructure.

The botnet, active in more than 80 countries, maintained an average of 1,000 active proxies each week. It targets unprotected IoT and small office/home office (SOHO) devices, exploiting outdated residential devices, primarily based in Turkey. Only about 10% of these proxies are flagged as malicious by tools like VirusTotal, highlighting the need for enhanced detection methods.

Infected devices provide temporary, unauthenticated access for malicious activities such as ad fraud, DDoS attacks, and data exploitation. Security professionals recommend monitoring for abnormal login attempts, blocking known open proxy addresses, and replacing EoL devices to mitigate risks.

Lumen and its partners have successfully disrupted the command-and-control infrastructure of this criminal proxy network. However, the specific individuals or groups behind it remain unidentified. Black Lotus Labs continues to share intelligence with global partners, urging proactive monitoring of related networks to prevent further misuse of IoT and EoL devices.
