RSOCKS (stylized in caps) was a Russian internet proxy service provider that was shut down by the US Department of Justice in June 2022 for using stolen IP addresses from hacked PCs, mobile and IoT devices and then selling them to unsuspecting users.[1][2][3]

History

edit

RSOCKS was launched in 2014. Based on a research done by KrebsonSecurity.com, the site was launched by Denis “Neo” Kloster (Born September 17, 1986), from Omsk, Russia. Other sources suggest that his real last name may be Emilyantsev. According to Kloster's social media posts, he got a US Visa and was operating from New York in 2013, but then decided to travel the world and work remotely.[4]

When in existence, RSOCKS offered residential, mobile, and data center proxies on shared or dedicated basis.[5][6]

Take down

edit

On June 16, 2022, the US Department of Justice announced the take down of RSOCKS .[7] The website displayed a message that it had been seized.[8] The take down was in partnership with the governments of Germany, the Netherlands and the United Kingdom. The Rsocks operation was the largest of its kind and used millions of hacked devices and botnets around the world.[7]

... the RSOCKS botnet, operated by Russian cybercriminals, comprised millions of hacked devices worldwide. The RSOCKS botnet initially targeted Internet of Things (IoT) devices. IoT devices include a broad range of devices—including industrial control systems, time clocks, routers, audio/video streaming devices, and smart garage door openers, which are connected to, and can communicate over, the internet, and therefore, are assigned IP addresses. The RSOCKS botnet expanded into compromising additional types of devices, including Android devices and conventional computers.

The FBI stated that the operation was run by a "highly sophisticated Russia-based cybercrime organization." However it did not disclose any specific suspect names, nor did they disclose that anyone was arrested.[7]

According to the DoJ, anyone could buy proxies from RSOCKS and pay for access to a pool of proxies for a specified time period, with prices ranging from $30 per day for access to 2,000 proxies to $200 per day for access to 90,000 proxies.[1][9]

See also

edit

References

edit
  1. ^ a b Robinson, Dan. "International operation takes down Russian RSOCKS botnet". www.theregister.com. Retrieved 2022-06-25.
  2. ^ "U.S., partners dismantle Russian hacking 'botnet,' Justice Dept says". Reuters. 2022-06-17. Retrieved 2022-06-25.
  3. ^ "After hacking millions of devices, DoJ operation shuts down RSocks botnet". TechSpot. 19 June 2022. Retrieved 2022-06-25.
  4. ^ "Meet the Administrators of the RSOCKS Proxy Botnet – Krebs on Security". 22 June 2022. Retrieved 2022-06-25.
  5. ^ Sharma, Mayank (2020-08-24). "RSocks proxy service review". TechRadar. Retrieved 2022-06-25.
  6. ^ "Rsocks Proxies: In-Depth Review & Performance Tests". Proxyway. Retrieved 2022-06-25.
  7. ^ a b c "Russian Botnet Disrupted in International Cyber Operation". www.justice.gov. 2022-06-16. Retrieved 2022-06-25.
  8. ^ "Rsocks, a popular proxy service, was just seized by the DOJ". TechCrunch. Retrieved 2022-06-25.
  9. ^ Similar Proxy Service like Rsocks