An international coalition of law enforcement agencies has successfully dismantled a botnet that exploited tens of thousands of compromised home and small business routers. This operation targeted SocksEscort, a service used by cybercriminals worldwide to launch ransomware attacks, execute DDoS assaults, and circulate illicit material, including child sexual abuse content.
According to a report by the Department of Justice, SocksEscort served as a platform for a range of criminal activities, such as unauthorized access to financial accounts, cryptocurrency theft, and fraudulent unemployment claims. The operation’s impact was substantial, with millions of dollars in damages prevented.
Europol disclosed that the botnet associated with SocksEscort infiltrated over 369,000 routers and IoT devices across 163 countries. Following the enforcement action, these infected devices have been disconnected from the criminal service, disrupting the malicious operations facilitated by the botnet.
Cybersecurity firm Black Lotus Labs revealed that the botnet, supported by the AVRecon malware, posed a severe threat by exclusively catering to criminal elements. A significant portion of victims resided in the United States and the United Kingdom, enabling targeted criminal activities.
Source: TechCrunch