Russian threat actors combine domain name vulnerabilities with hidden router proxy techniques to scale their attacks while remaining shielded from detection.

Executive Summary The Black Lotus Labs team at Lumen Technologies has identified a multi-year campaign targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices, associated with an updated version of “TheMoon” malware. TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and

A Russian and Moldovan national pled guilty to three counts of violating 18 U.S.C. § 1030(a)(5)(A) Fraud and Related Activity in Connection with Computers.

The FBI today revealed US law enforcement’s dismantlement of a botnet proxy network and its infrastructure associated with the IPStorm malware.

According to online reports, the botnet infrastructure had infected Windows systems then further expanded to infect Linux, Mac, and Android devices, victimizing computers and other electronic devices around the world, including in Asia, Europe, North America and South America.

As demand for malicious proxy services continues, new players have entered the market. Black Proxies is marketed to other cybercriminals for their reliability, scope, and overwhelming number of IP addresses.

911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its…