The Federal Bureau of Investigation (FBI), Defense Criminal Investigative Services (DCIS), and Department of Commerce (DOC) are publishing this announcement to notify the public of the dismantlement of the 911 S5 residential proxy service and to help individuals and businesses better understand and guard against 911 S5 proxy service and botnet.
911 S5 began operating in May 2014 and was taken offline by the administrator in July 2022 before rebranding as Cloudrouter in October 2023. 911 S5 was one of the largest residential proxy services and botnet with over 19 million compromised IP addresses in over 190 countries and confirmed victim losses in the billions of dollars.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Massive Zero-Day Hole Found in Palo Alto Security Appliances
November 10, 2021
UPDATE: Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects what Palo Alto clarified is an estimated 10,000 VPN/firewalls. Researchers have developed a working exploit to gain remote code execution (RCE) via a massive vulnerability in a security appliance from Palo Alto Networks (PAN), potentially leaving 10,000 vulnerable ...
- Critical Citrix DDoS Bug Shuts Down Network, Cloud App Access
November 10, 2021
A critical security bug in the Citrix Application Delivery Controller (ADC) and Citrix Gateway could allow cyberattackers to crash entire corporate networks without needing to authenticate. The two affected Citrix products (formerly the NetScaler ADC and Gateway) are used for application-aware traffic management and secure remote access, respectively. The federated working specialist pushed out a security ...
- Cloudflare report highlights devastating DDoS attacks on VoIP services and several ‘record-setting HTTP attacks’
November 5, 2021
Cloudflare released its Q3 DDoS Attack Trends report this week, capping a record-setting quarter that saw a number of devastating attacks on VoIP services. Cloudflare researchers said they saw the several “record-setting HTTP DDoS attacks, terabit-strong network-layer attacks and one of the largest botnets ever deployed (Meris),” noting the emergence of ransom DDoS attacks on voice ...
- Network Scanning Traffic Observed in Public Clouds
October 28, 2021
Tracking network scanning activities can help researchers understand which services are being targeted. By monitoring the origins of the scanners, researchers can also identify compromised endpoints. If a host belonging to a known organization suddenly starts to scan a part of the internet, it is a strong indicator that the host is compromised. This blog summarizes ...
- Lyceum group reborn
October 18, 2021
This year, Kaspersky researchers presented their research into the Lyceum group (also known as Hexane), which was first exposed by Secureworks in 2019. In 2021, we have been able to identify a new cluster of the group’s activity, focused on two entities in Tunisia. According to older public accounts of the group’s activity, Lyceum conducted targeted ...
- Security Risks with Private 5G in Manufacturing Companies Part. 2
October 15, 2021
The steel industry is a prime area for installing Private 5G Private 5G is said to bring about the “democratization of communications.” This technology allows private companies and local governments to take the driving seat in operating the latest information communication systems. However, not all organizations have the knowledge and ability to deal with telecom technology, ...