Guidance on the 911 S5 Residential Proxy Service


The Federal Bureau of Investigation (FBI), Defense Criminal Investigative Services (DCIS), and Department of Commerce (DOC) are publishing this announcement to notify the public of the dismantlement of the 911 S5 residential proxy service and to help individuals and businesses better understand and guard against 911 S5 proxy service and botnet.

911 S5 began operating in May 2014 and was taken offline by the administrator in July 2022 before rebranding as Cloudrouter in October 2023. 911 S5 was one of the largest residential proxy services and botnet with over 19 million compromised IP addresses in over 190 countries and confirmed victim losses in the billions of dollars.

Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division


Sign up for our Newsletter


Related:

  • New macOS Trojan-Proxy piggybacking on cracked software

    December 6, 2023

    Illegally distributed software historically has served as a way to sneak malware onto victims’ devices. Kaspersky researchers have recently discovered several cracked applications distributed by unauthorized websites and loaded with a Trojan-Proxy. Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of ...

  • UK: Sellafield nuclear site hacked by groups linked to Russia and China

    December 4, 2023

    The UK’s most hazardous nuclear site, Sellafield, has been hacked into by cyber groups closely linked to Russia and China, the Guardian can reveal. The astonishing disclosure and its potential effects have been consistently covered up by senior staff at the vast nuclear waste and decommissioning site, the investigation has found. The Guardian has discovered that ...

  • The Unseen Layers: Exploring The Tactics Of Multistage .NET Malware Packers

    November 27, 2023

    Recently, the SonicWall Capture Labs Threat Research team has identified a new .NET Packer that is currently being widely used by the various stealers such as Lokibot, AgentTesla etc. In the ever-evolving landscape of cybersecurity threats, malicious actors continue to develop sophisticated techniques to compromise systems and exploit vulnerabilities. One such method gaining prominence is the ...

  • DHS Cybersecurity and Infrastructure Security Agency Releases Roadmap for Artificial Intelligence 

    November 14, 2023

    WASHINGTON – Today the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released its first Roadmap for Artificial Intelligence (AI), adding to the significant DHS and broader whole-of-government effort to ensure the secure development and implementation of artificial intelligence capabilities. DHS plays a critical role in ensuring AI safety and security nationwide. Last ...

  • OpenAI Blames ChatGPT’s Intermittent Outages On ‘Abnormal Traffic’ That Suggests Potential Cyber Attack

    November 9, 2023

    ChatGPT continued to face intermittent outages late Wednesday, which the platform’s maker OpenAI blamed on a potential cyberattack, hours after the AI chatbot platform recovered from a wide outage that the company initially attributed to a surge in interest for its new features. Early on Thursday, OpenAI’s service status page displayed a notification saying both ChatGPT ...

  • Understanding DNS Tunneling Traffic in the Wild

    October 13, 2023

    Palo Alto Unit 42 researchers present a study on why and how domain name system (DNS) tunneling techniques are used in the wild. Motivated by their findings, they present a system to automatically attribute tunneling domains to tools and campaigns. Attackers adopt DNS tunneling techniques to bypass security policies in enterprise networks because most enterprises ...