Law Enforcement Dismantles SocksEscort Proxy Network in Operation Lightning
Operation Lightning sees international law enforcement partners shut down ‘SocksEscort,’ a major malicious proxy service used by cybercriminals worldwide
Proxy servers can mask network origins, filter traffic, and create security risks when attackers abuse them for evasion or unauthorized access.
Search across headline titles and summaries.
Background for this topic.
A proxy is an intermediary that sends requests to a destination and returns responses, so the client and destination do not communicate directly. A forward proxy represents users or systems making outbound connections; a reverse proxy represents an application or service to inbound clients and may route traffic, terminate TLS, or enforce authentication. This tag generally concerns these network components, not browser-based privacy tools alone.
Security depends heavily on configuration and trust boundaries. A forward proxy can enforce egress policy and provide useful logs, but an exposed or misconfigured one may permit unauthorized relaying, while proxy logs can reveal sensitive browsing or business activity. TLS inspection requires controlled certificate deployment and careful handling of decrypted traffic. Reverse proxies reduce direct exposure of back-end services, but access controls must not rely solely on them, and forwarded client-IP headers must be trusted only from known proxies. During investigations, proxy logs help reconstruct connections, but shared addresses and address translation can complicate attribution.
Operation Lightning sees international law enforcement partners shut down ‘SocksEscort,’ a major malicious proxy service used by cybercriminals worldwide
A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud
The botnet, which compromised routers and IoT devices in 163 countries, claimed about 369,000 victims and $5.8 million from its cybercriminal customers, officials said. The post Authorities takedown global proxy network SocksEscort appeared first on CyberScoop.
International cops stuck down 23 servers in 7 countries Cops from eight countries this week disrupted SocksEscort, a residential proxy service used by criminals to compromise hundreds of thousands of routers worldwide and carry out digital fraud, costing businesses and consumers millions.…
Law enforcement agencies in the U.S. and Europe along with private partners have disrupted the SocksEscort cybercrime proxy network that used only edge devices compromised via the AVRecon malware for Linux. [...]
Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet for proxying malicious traffic
A newly discovered botnet malware called KadNap is targeting ASUS routers and other edge networking devices to turn them into proxies for malicious traffic. [...]