The Federal Bureau of Investigation (FBI), Defense Criminal Investigative Services (DCIS), and Department of Commerce (DOC) are publishing this announcement to notify the public of the dismantlement of the 911 S5 residential proxy service and to help individuals and businesses better understand and guard against 911 S5 proxy service and botnet.
911 S5 began operating in May 2014 and was taken offline by the administrator in July 2022 before rebranding as Cloudrouter in October 2023. 911 S5 was one of the largest residential proxy services and botnet with over 19 million compromised IP addresses in over 190 countries and confirmed victim losses in the billions of dollars.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- WHY IT IS IMPORTANT TO USE PROFESSIONAL ANTI-DDoS SOLUTIONS
September 28, 2020
By StormWall DDoS attacks have become the most common and affordable cyber weapon (the cost of launching an efficient DDoS attack may start from $50 per day). Thus, a DDoS attack is a simple way to cause damage that can have long-term consequences. During an attack, the targeted websites or services become unavailable. As a result, ...
- Mozi Botnet Accounts for Majority of IoT Traffic
September 17, 2020
The Mozi botnet, a peer-2-peer (P2P) malware known previously for taking over Netgear, D-Link and Huawei routers, has swollen in size to account for 90 percent of observed traffic flowing to and from all internet of things (IoT) devices, according to researchers. IBM X-Force noticed Mozi’s spike within it’s telemetry, amid a huge increase in overall ...
- Network Attack Trends: Attackers Leveraging High Severity and Critical Exploits
September 15, 2020
From May 1-July 21, 2020, Unit 42 researchers captured global network traffic from firewalls around the world and then analyzed the data to examine the latest network attack trends. The majority of attacks we observed were classified as high severity (56.7%), and nearly one quarter (23%) were classified as critical. The most common vulnerabilities exploited ...
- Upgraded Agent Tesla malware steals passwords from browsers, VPNs
August 10, 2020
New variants of Agent Tesla remote access Trojan now come with modules dedicated to stealing credentials from applications including popular web browsers, VPN software, as well as FTP and email clients. Agent Tesla is a commercially available .Net-based infostealer with both remote access Trojan (RAT) and with keylogging capabilities active since at least 2014. This malware is ...
- Cisco alert: Four high-severity flaws in routers, switches and AnyConnect VPN for Windows
August 6, 2020
Cisco is urging customers to update small business switches, its DNA Center software, routers with its StarOS software, and its AnyConnect Secure Mobility VPN client for Windows. Cisco has disclosed a bug in the IPv6 packet processing engine of several Cisco Small Business Smart and Managed Switches that could allow a remote attacker without credentials to ...
- Hacker leaks passwords for 900+ enterprise VPN servers
August 5, 2020
A hacker has published today a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers. ZDNet, which obtained a copy of this list with the help of threat intelligence firm KELA, verified its authenticity with multiple sources in the cyber-security community. According to a review, the list ...