Law enforcement shuts down botnet made of tens of thousands of hacked routers
A global law enforcement coalition shut down SocksEscort, a botnet made of hacked routers that was used for various crimes such as bank intrusions and fraudulent claims, affecting more than 369,000 devices in 163 countries and causing millions of dollars in losses.

2026-3-12 17:3:41 Author: techcrunch.com

An illustration of a burned out router or firewall, indicating a breach.
Image Credits: Bryce Durbin / TechCrunch

A global coalition of law enforcement agencies shut down a botnet made of tens of thousands of hacked home and small business routers on Wednesday.

The operation targeted SocksEscort, which offered paid proxy services and was built on a botnet of hacked routers used to commit various crimes, such as hacking into victims’ bank and cryptocurrency accounts and filing fraudulent unemployment insurance claims, according to an announcement published on Thursday by the Department of Justice (DOJ). The DOJ said the crimes facilitated by SocksEscort cost Americans millions of dollars.  

Europol said in its announcement of the operation that the SocksEscort botnet allegedly compromised more than 369,000 routers and Internet of Things devices in 163 countries and that the infected routers “have been disconnected from the service.” The law enforcement agency said SocksEscort was used to facilitate ransomware, distributed denial of service (DDoS) attacks, and the distribution of child sexual abuse material (CSAM).

“Customers of the criminal service paid for licenses to abuse these infected devices, hiding their original IP addresses to engage in various criminal activities,” said Europol. “Upon infection with the malware, the modems’ owners would not be aware that their IP addresses were used for illegitimate activities.”

The content of the SocksEscort official website was replaced by a notice announcing the seizure, as part of the law enforcement operation. 

Since last January, the botnet had been composed of around 280,000 routers and was powered by malware called AVRecon, according to cybersecurity firm Black Lotus Labs, which tracked SocksEscort and worked with law enforcement in the takedown operation.

“This botnet posed a significant threat, as it was marketed exclusively to criminals,” the company wrote in its post about the takedown. “Notably, over half of its victims were located in the United States or the United Kingdom, enabling attackers to conduct highly targeted operations.”

In 2023, Black Lotus Labs called SocksEscort “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history.” 

At the time, cybersecurity journalist Brian Krebs reported that SocksEscort was born in 2009 as a Russian-language service selling access to thousands of hacked computers.

Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy.

You can contact or verify outreach from Lorenzo by emailing [email protected], via encrypted message at +1 917 257 1382 on Signal, and @lorenzofb on Keybase/Telegram.



Article source: https://techcrunch.com/2026/03/12/law-enforcement-shuts-down-botnet-made-of-tens-of-thousands-of-hacked-routers/