Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

400K Proxy Botnet Revealed

August 17, 2023
Reading Time: 2 mins read
in Alerts
400K Proxy Botnet Revealed

A sweeping cybersecurity exposé has brought to light a vast and clandestine operation involving the deployment of proxy server applications to a staggering 400,000 Windows systems. Researchers have uncovered this mammoth campaign that has turned these devices into residential exit nodes, unbeknownst to their users. Intriguingly, a company is capitalizing on the proxy traffic flowing through these machines.

While residential proxies can have legitimate uses such as ad verification and data scraping, they are also being exploited for malicious activities, including large-scale credential stuffing attacks.

AT&T Alien Labs, in a recent report, revealed that the construction of this colossal 400,000-node proxy network was achieved through the distribution of malicious payloads that facilitated the surreptitious installation of the proxy application.

Astonishingly, despite claims of user consent by the company responsible for the botnet, evidence suggests that malware authors have been clandestinely installing the proxy on compromised systems. The proxy’s legitimate digital signature allows it to go undetected by antivirus software, making its activities harder to identify. In an alarming turn of events, AT&T Alien Labs has found that these proxy applications were installed silently on infected systems, further underscoring the stealthy nature of the campaign.

The same malicious entity also controlled exit nodes created by a separate but related malicious payload known as AdLoad, targeting macOS systems. The synergy between the two payloads highlights a concerning level of sophistication. The infection process starts with the execution of a concealed loader within cracked software and games, a strategy used to automatically download and install the proxy application in the background, evading user detection. This covert installation mechanism, paired with the proxy’s persistence on infected systems, poses a substantial challenge to users and security experts alike.

As the report advises, detecting and mitigating these infections require careful examination of system indicators, vigilance against suspicious software sources, and a proactive stance against these evolving cybersecurity threats.

Reference:
  • ProxyNation: The dark nexus between proxy apps and malware
Tags: August 2023BotnetCyber AlertCyber Alerts 2023CyberattackCybersecurityMalwareVulnerabilitiesWindows
ADVERTISEMENT

Related Posts

TikTok Videos Spread Vidar StealC Malware

TikTok Videos Spread Vidar StealC Malware

May 23, 2025
TikTok Videos Spread Vidar StealC Malware

New ZeroCrumb Malware Steals Browser Cookies

May 23, 2025
TikTok Videos Spread Vidar StealC Malware

CISA Commvault ZeroDay Flaw Risks Secrets

May 23, 2025
GitLab Patch Stops Service Disruption Risks

Function Confusion Hits Serverless Clouds

May 22, 2025
GitLab Patch Stops Service Disruption Risks

3AM Ransomware Email Bomb and Vishing Threat

May 22, 2025
GitLab Patch Stops Service Disruption Risks

GitLab Patch Stops Service Disruption Risks

May 22, 2025

Latest Alerts

New ZeroCrumb Malware Steals Browser Cookies

TikTok Videos Spread Vidar StealC Malware

CISA Commvault ZeroDay Flaw Risks Secrets

GitLab Patch Stops Service Disruption Risks

3AM Ransomware Email Bomb and Vishing Threat

Function Confusion Hits Serverless Clouds

Subscribe to our newsletter

    Latest Incidents

    Cetus Crypto Exchange Hacked For $223M

    MCP Data Breach Hits 235K NC Lab Patients

    UFCW Data Breach Risks Social Security Data

    Cyberattack Paralyzes French Hauts de Seine

    Santa Fe City Loses $324K In Hacker Scam

    Belgium Housing Hit by Ransomware Attack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial