Three Russians and a Kazakh will be held responsible for hacking the Anyproxy and 5socks botnets, which caused losses in the millions of dollars
Law enforcement officers stopped the operation of two powerful botnets operating through the domains Anyproxy.net and 5socks.net, after which four people were charged with criminal conspiracy and intentional damage to protected computers. Three citizens of the Russian Federation – Alexey Chertkov, Kirill Morozov and Alexander Shishkin – together with Dmitry Rubtsov from Kazakhstan organized botnet networks by infecting outdated wireless routers in the United States and abroad. These devices were used to provide proxy services on the Anyproxy and 5socks resources, bringing in more than $ 46 million in profit over two decades.
The botnets allowed users to purchase proxies through the corresponding sites, and the attackers had access to more than 7,000 proxies. They used these devices to secretly create botnets that were involved in massive attacks, including covert intrusions into critical US infrastructure. In addition to the fraudulent schemes, the use of outdated routers with known vulnerabilities was recorded, which allowed hackers to build powerful botnets.
The exposure of these botnets was the result of coordinated work by the FBI and assistance from law enforcement agencies in Thailand and the Netherlands. According to technical data, the criminals used outdated network equipment, mainly models from Linksys and Cisco, the production of which has been discontinued.
This operation emphasizes the importance of updating old network devices, as their vulnerabilities can become the basis for the formation of botnets and further cyberattacks. Law enforcement strongly recommends replacing old routers with new models to ensure network security.
