spur.us

June 28, 2022

The Link Between AWM Proxy & the Glupteba Botnet

This post was originally published on this siteOn December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Security experts had long seen a link between Glupteba and AWM Proxy, but new research shows AWM Proxy’s founder is one of the men being sued by Google. AWMproxy, the storefront for renting access to infected PCs, circa 2011. Launched […]
July 18, 2022

A Deep Dive Into the Residential Proxy Service ‘911’

This post was originally published on this site The 911 service as it exists today. For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. 911 says its network is made up entirely of users who voluntarily install its “free VPN” software. But new research shows the proxy service has a long history of purchasing installations via shady “pay-per-install” affiliate marketing schemes, […]
July 29, 2022

911 Proxy Service Implodes After Disclosing Breach

This post was originally published on this site The 911 service as it existed until July 28, 2022. 911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. The abrupt closure comes ten days after KrebsOnSecurity published an in-depth look at 911 and its connections to shady pay-per-install affiliate programs that secretly bundled 911’s proxy software with other titles, including “free” utilities and pirated software. 911[.]re is was […]
April 18, 2023

Giving a Face to the Malware Proxy Service ‘Faceless’

This post was originally published on this siteFor the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we’ll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name. The proxy lookup page inside the malware-based anonymity service Faceless. Image: spur.us. Riley Kilmer is co-founder of Spur.us, a company that tracks […]