Grub   4d ago

Europol e autorità di otto paesi, tra cui il Dipartimento di Giustizia degli Stati Uniti, hanno smantellato #SocksEscort un servizio proxy che sfruttava migliaia di router nel mondo infettati dal #malware #avrecon per #linux L’assistenza tecnica durante l’operazione è stata fornita dai #blacklotuslabs e #Shadowserver Foundation. SocksEscort era un servizio di proxy residenziale che i cybercriminali utilizzavano per commettere frodi su larga scala.

#sicurezzainformatica

https://www.punto-informatico.it/socksescort-smantellato-proxy-malware-linux/

SocksEscort: smantellato proxy con malware Linux

SocksEscort era un servizio di proxy residenziale che prevedeva la vendita degli indirizzi IP dei router usati dai cybercriminali per attività illecite.

Punto Informatico
securityaffairs4d ago
US and European authorities disrupt socksEscort proxy service tied to #AVrecon #botnet
https://securityaffairs.com/189391/cyber-crime/us-and-european-authorities-disrupt-socksescort-proxy-service-tied-to-avrecon-botnet.html
#securityaffairs #hacking
US and European authorities disrupt socksEscort proxy service tied to AVrecon botnet

Authorities in the US and Europe disrupted the SocksEscort proxy service, which used the AVrecon botnet and infected about 360,000 devices.

Security Affairs
GripNewsAug 1, 2023
🌗 誰和什麼在背後支持惡意軟體代理服務SocksEscort?- Krebs on Security
➤ AVrecon是SocksEscort背後的惡意軟體引擎,該服務租用被黑客入侵的設備,用於隱藏網絡犯罪分子的真實位置。
https://krebsonsecurity.com/2023/07/who-and-what-is-behind-the-malware-proxy-service-socksescort/
研究人員發現,一個名為AVrecon的兩年前的基於Linux的遠程訪問特洛伊木馬是一個名為SocksEscort的12年前服務的惡意軟體引擎,該服務租用被黑客入侵的住宅和小型企業設備,以隱藏網絡犯罪分子的真實位置。SocksEscort是一個SOCKS代理服務,允許用戶通過代理服務器將其網絡流量傳遞到目標地點,從網站的角度來看,代理網絡客戶的流量似乎來自租用/被惡意軟體感染的與住宅ISP客戶相關聯的個人電腦,而不是來自代理服務客戶。SocksEscort的服務主要面向網絡犯罪分子,用於隱藏其流
#惡意軟體代理服務 #SocksEscort #AVrecon #黑客
Who and What is Behind the Malware Proxy Service SocksEscort? – Krebs on Security

Show threadcruddJul 26, 2023
Spur have published their blog on #avrecon too https://spur.us/2023/07/christmas-in-july-a-finely-wrapped-proxy-service/
#linux #malware #infosec
Christmas in July: A Finely Wrapped Proxy Service

Spur
Show threadcruddJul 26, 2023
https://Spur.us ,who track proxy networks, was able to correlate the research to a well-known residential proxy service called SocksEscort. @briankrebs wrote about it yesterday https://krebsonsecurity.com/2023/07/who-and-what-is-behind-the-malware-proxy-service-socksescort/
#avrecon #linux #malware #infosec
Beat fraud, boost revenue - Spur

Spur provides cutting-edge tools and data to detect VPNs, residential proxies, and bots - helping you stay ahead of the latest evasion methods.

Spur
KrebsOnSecurity RSSJul 26, 2023

Who and What is Behind the Malware Proxy Service SocksEscort?

https://krebsonsecurity.com/2023/07/who-and-what-is-behind-the-malware-proxy-service-socksescort/

#InternetofThings(IoT) #ALittleSunshine #DomainTools.com #AdrianCrismaru #BlackLotusLabs #WebFraud2.0 #RileyKilmer #SocksEscort #Intel471 #AVrecon #spur.us #wiremo #Lumen

Who and What is Behind the Malware Proxy Service SocksEscort? – Krebs on Security

dispatchJul 25, 2023
Who and What is Behind the Malware Proxy Service SocksEscort? https://krebsonsecurity.com/2023/07/who-and-what-is-behind-the-malware-proxy-service-socksescort/ #InternetofThings(IoT) #ALittleSunshine #DomainTools.com #AdrianCrismaru #BlackLotusLabs #WebFraud2.0 #RileyKilmer #SocksEscort #Intel471 #AVrecon #spur.us #wiremo #Lumen
Who and What is Behind the Malware Proxy Service SocksEscort? – Krebs on Security

ITSEC NewsJul 25, 2023
Who and What is Behind the Malware Proxy Service SocksEscort? - Researchers this month uncovered a two-year-old Linux-based remote access trojan d... https://krebsonsecurity.com/2023/07/who-and-what-is-behind-the-malware-proxy-service-socksescort/ #internetofthings(iot) #alittlesunshine #domaintools.com #adriancrismaru #blacklotuslabs #webfraud2.0 #rileykilmer #socksescort #intel471 #avrecon #spur.us #wiremo #lumen
Who and What is Behind the Malware Proxy Service SocksEscort? – Krebs on Security

WinFuture.deJul 16, 2023
Die #Botnetz-Malware #AVrecon hat in den letzten zwei Jahren unbemerkt 70.000 #Router infiziert. https://winfuture.de/news,137423.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
AVrecon: Malware infiziert unentdeckt Router & baut Botnetz auf

Eine Malware hat über einen Zeitraum von zwei Jahren unentdeckt zehn­tau­sen­de Router infiziert. Die betroffenen Geräte kommen in kleineren Büros zum Einsatz und werden von Privatnutzern verwendet. Gekaperte Router wurden zum Aufbau eines Botnetzes genutzt.

Scripter Jul 15, 2023
Auch Privatanwender betroffen: Botnetz-Malware infiziert über 70.000 Router - Golem.de
https://www.golem.de/news/auch-privatanwender-betroffen-botnetz-malware-infiziert-ueber-70-000-router-2307-175881.html #Cybercrime #Botnetz #Router #Malware #Avrecon
Auch Privatanwender betroffen: Botnetz-Malware infiziert über 70.000 Router - Golem.de

Eine Botnetz-Malware ist mindestens zwei Jahre unentdeckt geblieben und hat in dieser Zeit über 70.000 Router infiziert.

Golem.de