The RSOCKS Botnet is Knocking Businesses’ Socks Off

Botnets, or massive numbers of connected devices all infected by the same malware, can be used in devastating attacks against networks, bringing down services of businesses, organizations, and governments alike. One such botnet was recently halted thanks to the efforts of the United States Department of Justice and various law enforcement agencies throughout Europe.

Bringing Down the RSOCKS Botnet

This botnet, consisting of millions of Internet of Things devices, was used by Russian hackers to facilitate attacks under the guise of an Internet service provider, or ISP. Essentially, the botnet acted as a proxy service, disguising itself as a provider that sold legitimate IP addresses through an ISP. Hackers could purchase IP addresses through this service, then reroute their web traffic through the hacked devices so law enforcement could not pin them down.

Attacks were carried out against authentication portals, and because the attacks originated from the IP addresses of hacked devices, the hackers were able to carry them out anonymously. The Department of Justice reports: “It is believed that the users of this type of proxy service were conducting large-scale attacks against authentication services, also known as credential stuffing, and anonymizing themselves when accessing compromised social media accounts, or sending malicious email, such as phishing messages.”

Long Story Short, the Botnet Has Been Compromised

With the FBI having seized control of the RSOCKS botnet and website, hackers can no longer purchase these IP addresses. For reference, the going rate for these proxies ranged from $30 per day for 2,000 proxies to $200 per day for 9,000 proxies. The user would download a list of their IP addresses and ports, then reroute their traffic through these cracked devices, hiding their identities from authorities. The botnet was originally made up of infected IoT devices, but eventually, even computers and Android devices joined the botnet as it grew ever-larger.

We know what you’re thinking; those prices are awfully affordable, even for wannabe hackers. This is the point we are trying to make. Anyone can take advantage of these services, so you need to be ready to handle these types of threats.
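Because a credential stuffing run spread over thousands of rented proxies sends only a login or two from each address, a per-IP lockout never trips. The Python example below is our own added illustration, not code from the Department of Justice or any product; the log format, thresholds, function names and sample data are all assumptions constructed for the example. It compares a per-IP lockout with a check that looks at failures across the whole login portal in a time window.

```python
from collections import defaultdict
from datetime import datetime

def parse(line):
    # Assumed log format (constructed for this example): "timestamp ip username OK|FAIL"
    ts, ip, user, result = line.split()
    return datetime.fromisoformat(ts), ip, user, result == "FAIL"

def per_ip_lockout(events, limit=5):
    """Classic control: flag any single IP with more than `limit` failed logins."""
    fails = defaultdict(int)
    for _, ip, _, failed in events:
        fails[ip] += failed
    return sorted(ip for ip, n in fails.items() if n > limit)

def distributed_stuffing_windows(events, window_s=300, min_fails=50,
                                 min_fail_ratio=0.9, max_fails_per_ip=3.0):
    """Flag windows where failures dominate the traffic and are spread thinly
    across many source IPs and many usernames (thresholds are assumptions)."""
    buckets = defaultdict(list)
    for ts, ip, user, failed in events:
        buckets[int(ts.timestamp()) // window_s].append((ip, user, failed))
    alerts = []
    for key in sorted(buckets):
        rows = buckets[key]
        fails = [(ip, user) for ip, user, failed in rows if failed]
        if len(fails) < min_fails or len(fails) / len(rows) < min_fail_ratio:
            continue
        ips = {ip for ip, _ in fails}
        users = {user for _, user in fails}
        if len(fails) / len(ips) <= max_fails_per_ip and len(users) >= 0.8 * len(fails):
            alerts.append({"window_start": key * window_s, "failures": len(fails),
                           "distinct_ips": len(ips), "distinct_users": len(users)})
    return alerts

def constructed_sample():
    """Constructed data: 120 failures in 4 minutes, one per proxy IP, plus 6 normal logins."""
    lines = [f"2022-06-20T10:0{i // 30}:{2 * (i % 30):02d}+00:00 198.51.100.{i + 1} user{i} FAIL"
             for i in range(120)]
    lines += [f"2022-06-20T10:04:{10 * i:02d}+00:00 192.0.2.{i + 10} staff{i} OK" for i in range(6)]
    return [parse(line) for line in lines]

if __name__ == "__main__":
    events = constructed_sample()
    print("per-IP lockout flags:", per_ip_lockout(events))
    print("distributed alerts:", distributed_stuffing_windows(events))
```

On the constructed sample, the per-IP lockout flags nothing, while the portal-wide check raises one alert for the five-minute window.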

Protect Your Business from Botnets

Botnets are just one reason to be concerned about security for your Internet of Things devices, so you need to do all you can to ensure that they are protected in every way possible. IoT devices are weak on security because many users keep the default passwords on them, which makes them easy to hijack. If your business uses IoT devices in some capacity, be sure to change these settings and set up stricter policies for them, including a dedicated network if possible.

It’s not always easy to protect a business, but thankfully, you have experts like us whom you can call on when you need to. To learn more about what we can do for your organization, reach out to us at (831) 758-3636.
