Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
An international law-enforcement coalition shut down a botnet designed to hack into thousands of homes and small businesses on Wednesday.
The operation targeted SocksEscort, which provided paid services and was built on a botnet of hijacked routers used to commit various crimes, such as hacking victims’ bank accounts with cryptocurrency and filing fraudulent insurance claims, according to the announcement published Thursday by the Department of Justice (DOJ). The DOJ said that the crimes committed by SocksEscort cost Americans millions of dollars.
Europol he said in his announcement of the operation in which the SocksEscort botnet is said to have compromised more than 369,000 routers and Internet of Things devices in 163 countries is that the infected routers have been “decommissioned.” The law firm said SocksEscort was used to facilitate ransom, distribution denial services (DDoS) abuse, and distribution of child sex literature (CSAM).
“Criminal operators have paid for licenses to use infected devices, masking their IP addresses to carry out various crimes,” Europol said. “Once infected with malware, modem owners may not know that their IP addresses have been used for inappropriate purposes.”
The content of SocksEscort’s official website was rather than knowledge announcing the seizure, as part of the law enforcement.
The botnet was created with around 280,000 routers since last January and was powered by a malware called AVRecon, according to cybersecurity company Black Lotus Labswhich tracked SocksEscort and worked with law enforcement on the takedown.
“This botnet posed a serious threat, as it was marketed only to criminals,” the company wrote in its notice of takedown. “Interestingly, more than half of the victims were in the United States or the United Kingdom, which led to the criminals doing what they wanted the most.”
In 2023, Black Lotus Labs to be invited SocksEscort “one of the biggest bots targeting small office/home (SOHO) routers seen in recent history.”
At the time, cybersecurity reporter Brian Krebs report that SocksEscort was born in 2009 as a Russian-language service to sell thousands of stolen computers.
