Awani Review

Complete News World

The United States has removed a Russian botnet that hacked millions of devices

The U.S. Department of Justice has taken down the infrastructure of a Russian botnet described as having hacked millions of connected devices.

The U.S. court ruled that RSOCKS operated as a proxy service, but instead of providing clients with IP addresses legally leased from ISPs, the company provided IP addresses assigned to hacked devices.

The United States has said that law enforcement, along with allies in Germany, the Netherlands and the United Kingdom, “destroyed” the RSOCKS infrastructure that “hacked millions of computers and other devices worldwide.”

Cybercriminals could use this service to hide the source of their activity, including credential-stuffing attacks on web login pages.

“Users of this type of service are believed to carry out large-scale attacks on authentication services, also known as ‘credential stuffing’, and anonymize themselves when accessing compromised social media accounts, or send malicious emails such as phishing messages,” the Department of Justice said.

The RSOCKS service website has now been replaced with a seizure notice from the FBI, but previously customers could purchase access to the RSOCKS proxy pool for $30 to $2,000 per day or $200 per day for 9,000 proxies, according to the U.S. Department of Justice.

After purchasing access, the customer could download a list of IP addresses and ports associated with one or more botnet servers. According to the Justice Department, the customer could then route internet traffic through the victims’ compromised devices.

Connected devices, but not only

RSOCKS operators are said to have built the proxy service by compromising IoT device passwords through brute-force attacks. Many of these devices ship with default passwords or are protected by weak ones.

Operators initially targeted wearables to build the botnet, but later expanded its functionality to compromise Android devices and computers. Botnet victims include a university, a hotel, a television studio and an electronics manufacturer. Victims also include home-based businesses and individuals.

The U.S. Department of Justice revealed that it had removed the botnet by unsealing a search warrant affidavit in the Southern District of California.

“This move eliminates the sophisticated cybercriminal organization based in Russia that has been conducting incursions in the United States and abroad,” said FBI Special Agent Stacey Moy.

“Our fight against cybercriminal sites is an important part of ensuring cyber security and security in the United States. The actions we announce today demonstrate the FBI’s continued commitment to pursuing malicious foreign actors in conjunction with our international and private sector partners.”

In April, the U.S. Department of Justice announced the removal of a botnet controlled by the Directorate General of Intelligence (GRU) of the Russian Federation that contained thousands of infected WatchGuard and Asus firewall devices.


Source: “ZDNet.com”