The Federal Bureau of Investigation (FBI), Defense Criminal Investigative Services (DCIS), and Department of Commerce (DOC) are publishing this announcement to notify the public of the dismantlement of the 911 S5 residential proxy service and to help individuals and businesses better understand and guard against 911 S5 proxy service and botnet.
911 S5 began operating in May 2014 and was taken offline by the administrator in July 2022 before rebranding as Cloudrouter in October 2023. 911 S5 was one of the largest residential proxy services and botnet with over 19 million compromised IP addresses in over 190 countries and confirmed victim losses in the billions of dollars.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants
July 6, 2023
Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigations (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) released a joint Cybersecurity Advisory (CSA), Increased Truebot Activity Infects U.S. and Canada Based Networks, to help organizations detect and protect against newly identified Truebot malware ...
- Thousands of Fortinet firewalls are unpatched against this serious security bug, so patch now
July 4, 2023
Hundreds of thousands of FortiGate firewalls are yet to be patched against a flaw being actively used in the wild, experts have revealed. Cybersecurity researchers from Bishop Fox recently used the Shodan.io search engine for internet-connected devices to look for servers with HTTPS responses that suggested the software was outdated. The results brought back almost 490,000 ...
- A proxyjacking campaign is looking for vulnerable SSH servers
June 30, 2023
A researcher at Akamai has posted a blog about a worrying new trend -proxyjacking – where criminals sell your bandwidth to a third-party proxy service. To understand how proxyjacking works, we’ll need to explain a few things. There are several legitimate services that pay users to share their surplus Internet bandwidth, such as Peer2Profit and HoneyGain. ...
- Rosenergoatom official says Zaporozhye NPP has to deal with daily cyberattacks
June 15, 2023
Every day, the Zaporozhye nuclear power plant (ZNPP) has to deal with cyberattacks, an adviser to the director general of Russia’s Rosenergoatom nuclear power engineering company has said. “Every day, networks of the Rosenergoatom concern, of the Rosatom state corporation and of the plant’s operating company, JSC Zaporozhye NPP, are subjected to powerful DDoS attacks,” Renat ...
- Adversaries increasingly using vendor and contractor accounts to infiltrate networks
June 6, 2023
The software supply chain has become a key security focus for many organizations, but the risks associated with supply chain attacks are often misunderstood. High-profile incidents like those reported by 3CX and MSI routinely grab headlines, continuing a trajectory of big-name security events that involve one specific aspect of the supply chain – software. Successful software-focused ...
- Warning issued over ‘widespread’ exploitation of Zyxel NAS devices
June 1, 2023
Security researchers at two companies have issued warnings over ‘widespread’ exploitation of Zyxel network devices. Researchers at Rapid7 raised the alarm over the ongoing exploitation of a critical authenticated command injection vulnerability, tracked as CVE-2023-28771, that was found to affect multiple Zyxel devices. Read more… Source: ITPro