The United States and its allies dismantle the RSOCKS botnet which uses IP addresses for cyberattacks


The United States Department of Justice said on Thursday that a joint operation by the United States and its allies had succeeded in dismantling a network of devices that had been hacked by Russian cyberattackers.

The operation was carried out by law enforcement agencies from the United States, Germany, the Netherlands and Great Britain. The Federal Bureau of Investigation (FBI) played a crucial role in the operations.

The Federal Bureau of Investigation seized the website pursuant to a seizure warrant obtained by the US Attorney’s Office for the Southern District of California and the US Department of Justice.

A press release dated June 16, 2022, said the RSOCKS botnet network had hacked into millions of personal computers. Attackers have also targeted internet-connected devices, gadgets like routers, smart garage door openers, and more.

According to the DoJ report, the RSOCKS botnet has hacked into millions of devices. The IP addresses of devices connected to the Internet have been used by RSOCKS.

RSOCKS then sold these IP addresses to users who would pay the network for the proxy IP addresses. The most surprising fact is that the actual owners do not even know that their IP address has been hacked or sold for money. What happens next to these IP addresses is the most dangerous part.

People who use RSOCKS to buy proxy addresses pay somewhere between $30 and $200 per day. These users have access to millions or thousands of IP addresses, depending on what they pay to RSOCKS.

Those who buy these IP addresses will use them as a proxy to route malicious traffic to the internet. The originating devices and IP addresses will act as a mask (proxy) for all malicious and criminal activity that occurs using those IP addresses.

IP addresses purchased in this way through RSOCKS fall into the hands of cybercriminals who use them to attack authentication services, carry out social media attacks, send malicious emails, etc.

Since not everyone on the internet is tech-savvy, a significant portion of the population falls into the trap of something like this.

According to FBI Special Agent in Charge Stacey Moy, the joint operation “disrupted a highly sophisticated cybercrime organization.” Investigative agencies and the Ministry of Justice confirmed that these Russian cybercriminals controlled these networks. They use networks such as RSOCKS to carry out massive phishing and cyberattacks against individuals and organizations, she said.

In similar cyberattacks, many websites and government entities have been targeted around the world.

FBI undercover operation

The DoJ specifically praised FBI investigators for conducting covert sting operations to gain access to RSOCKS botnet networks.

The FBI made undercover purchases in the first few months of 2017 and discovered nearly 325,000 devices were compromised in San Diego County alone.

In other investigations, investigative agencies confirmed that attacks had taken place around the world.

The report states that several public and private entities, universities, hotel chains and electronics manufacturers have been attacked by RSOCKS.

