- Dutch NCSC and police dismantled a 17M‑device botnet by taking down 200 servers
- Asocks, previously tied to free Android VPN apps and promoted on Russian hacking forums, offered residential proxies often abused by cybercriminals
- Officials stress devices are assimilated via malware without consent
A major botnet comprising 17 million devices was just taken offline late last week.
The Dutch National Cyber Security Center (NCSC) announced the takedown on Thursday, saying that together with the local police force, it “took action” against 200 servers which acted as the supporting infrastructure for the botnet. The unnamed hosting provider running the servers took the botnet offline due to their involvement in criminal activities, it was said.
The NCSC did not say which botnet was terminated. The Hacker News, however, citing local news outlet NL Times, said the service in question was Asocks, allegedly a company providing residential proxy services. On the Asocks website it says the company provides corporate, residential, and mobile proxies, with prices ranging from $5 to $15.
Selling the stolen accounts
We last heard of Asocks approximately two years ago, when researchers found roughly two dozen free Android VPN apps assimilating devices into the botnet. At the time, security researchers from HUMAN’s Satori Intelligence Team said Asocks was a Russia-based residential proxy service provider, commonly promoted to cybercriminals on hacking forums.
Generally speaking, proxy services are not criminal – they have legitimate use-cases and various privacy benefits. However, cybercriminals often use them to mask their activities, and if the providers don’t act, then they’re considered criminal, too. Whether or not a proxy service is criminal also depends on how the devices were enrolled, since for illegal ones the devices are assimilated via malware and without their owners’ knowledge or consent.
“Devices can become part of a botnet when they are accessible to malicious actors,” NCSC said. “After gaining access, attackers can install malware that allows the device to be controlled remotely. This enables the device to become part of a network used for cybercriminal activities.”
Therefore, the best way to defend against botnet attacks is to keep your devices updated and protected with a strong password.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
https://cdn.mos.cms.futurecdn.net/2FFajuvJVK8i7Her8gD4aD-2121-80.jpg
Source link
