- 3 hrs ago Apple Aims to Make 25 Percent iPhones in India: Piyush Goyal
- 5 hrs ago Honda Activa Electric Edition Launch Confirmed: Is ICE Petrol Version Retiring?
- 5 hrs ago Jio True 5G Services Added To 50 More Cities; Now Available In 184 Cities In India
- 6 hrs ago Tecno Pova 5G vs Infinix Zero 5G: Comparison
- News UK's House of Lords member writes to BBC not to air 2nd part of series on PM Modi
- Movies Jabardasth Rithu Chowdary's Father Passes Away; Actress Shares A Heart-Wrenching Post On Instagram
- Sports ISL Transfer: Lenny Rodrigues returns to FC Goa, Glan Martins leaves on loan
- Lifestyle Warning Stroke Transient Ischemic Attack: Why Is It Important To Get Immediate Medical Care?
- Finance 2 Stocks From Financial Sector To Buy For Up To 46% Return As Suggested By Top Brokerage Houses
- Automobiles Buzzworthy Conversations: Saurabh Vatsa, Brand Head, Citroën India Reveals the eC3's Secrets
- Travel Uttar Pradesh Bird And Nature Festival 2023 Dates Are Out! All You Need To Know
- Education Karnataka PGCET 2022 Mock Allotment Result Released; Know How to Check
How US Shut Russian Botnet RSOCKS That Hacked Millions Of IoT Devices
A Russian botnet called RSOCKS has been dismantled by the US Feds. However, the botnet infected millions of devices globally before it was shut down. The botnet also hacked many electronic devices across the globe under the disguise of a proxy service. It also started compromising Android devices and conventional computers.
As per the US Department of Justice (DoJ), the botnet’s specialty was giving cover for large-scale credential-stuffing attacks by giving clients access to the IP addresses of these nodes for proxy purposes.
How RSOCKS Conducted Cyberattacks?
Using a web-based “storefront” users were able to rent access to a set of proxies for a specific duration. The prices for these services ranged from $30 per day for accessing 2,000 proxies to $200 per day for access to 90,000 proxies.
"The customer could then route malicious internet traffic through the compromised victim devices to mask or hide the true source of the traffic," according to the DoJ's statement.
"It is believed that the users of this type of proxy service were conducting large-scale attacks against authentication services, also known as credential stuffing, and anonymizing themselves when accessing compromised social media accounts, or sending malicious email, such as phishing messages."
How Was The Botnet Dismantled?
The DoJ joined forces with law enforcement in Germany, the Netherlands, and the UK to “dismantle” the botnet. The FBI investigators used a simple tactic of buying access to RSOCKS to infiltrate and identify its back-end infrastructure and the victims of the botnet. The undercover operation started back in 2017 and identified around 325,000 compromised devices across the world.
The case was handled by the FBI and prosecuted by Assistant U.S. Attorney Jonathan I. Shapiro of the Southern District of California and Ryan K.J. Dickey, Senior Counsel for the Department of Justice Criminal Division’s Computer Crimes and Intellectual Property Section.
Back in September 2020, FBI Director Christopher Wray announced that the FBI will be building a new strategy to curb cyberattacks. The strategy emphasizes imposing risk and consequences on cyber adversaries via the FBI’s unique authorities and partnerships. Cyberattack victims are encouraged to report the incident online with the Internet Crime Complaint Center (IC3).
IoT Sector Could See Rise In Cyberattacks
With rising cyberattacks against IoT devices, threat researchers are concerned and warned companies to ensure their devices have processes in place to defend them against such attacks. Previously, threat intelligence company Intel 471 said a rise in attacks on IoT devices in the last two years has led to the theft of confidential information and creation of massive botnets for taking out distributed denial-of-service (DDoS) attacks.
The firm also noticed malware codebases Mirai and Gafgyt being used to infect connected devices. The threat is only meant to grow in 2022 as cybercriminals have shifted their focus to more lucrative motives, according to Michael DeBolt, chief intelligence officer for Intel 471.
"As IoT devices become more and more commonplace, and industries increase their dependency on these devices for their uptime and operations ... we expect to see the shift to targeted ransomware and IoT botnet operators working with access merchants to identify potential targets," he says.