An international law enforcement operation shut down a service called SocksEscort, which allegedly helped cybercriminals all over the world launch ransomware and DDoS attacks, as well as distribute child sexual abuse material.

TechCrunch (TC) is a leading technology news and media site that covers the latest trends, startups, and innovations in the tech industry. With breaking news,  analysis, and expert commentary, TechCrunch provides  insights into the world of technology and entrepreneurship. Developers can learn about emerging technologies, funding opportunities, and market trends by following TechCrunch's coverage of the tech industry.

TechCrunch

A global law enforcement coalition, including the DOJ and Europol, has shut down SocksEscort, a criminal proxy service built on a botnet of over 369,000 compromised home and small business routers across 163 countries. The service, powered by malware called AVRecon, allowed paying criminals to hide their IP addresses while conducting ransomware attacks, DDoS attacks, bank fraud, fraudulent unemployment claims, and distribution of child sexual abuse material. Black Lotus Labs, which tracked the botnet since 2023 and called it one of the largest SOHO router botnets in recent history, assisted in the takedown. The SocksEscort website has been seized and infected routers disconnected from the service.

Law enforcement shuts down botnet made of tens of thousands of hacked routers