US and European Authorities Disrupt SocksProxy Network Powered by Linux Malware


Global Law Enforcement Takes Down Massive Proxy Network

A global law enforcement operation has taken down a massive proxy network known as SocksEscort, which utilized Linux malware to compromise thousands of routers worldwide.

The Operation

The network, which was dismantled by US and European authorities, enabled cybercriminals to mask their identities and conduct illicit activities, including fraud and financial crimes.

The operation, led by the US Department of Justice in collaboration with European law enforcement agencies and private sector partners, targeted the infrastructure supporting the network and seized associated assets, including domains, servers, and cryptocurrency.

According to investigators, the SocksEscort network relied on malware known as AVrecon, which targeted vulnerable Linux-based routers and edge devices. Once infected, these devices were converted into proxy nodes, allowing cybercriminals to route malicious internet traffic through compromised residential IP addresses. This enabled them to bypass security systems and evade detection.

The Network’s Impact

The network’s operators sold access to the compromised devices to other threat actors, who used them to conduct various forms of cyber-enabled fraud. The service reportedly offered customers access to around 369,000 IP addresses worldwide, with approximately 8,000 infected routers actively available through the platform as of February 2026.

Law enforcement agencies linked the proxy service to multiple cases of fraud, including the theft of $1 million worth of cryptocurrency from a victim in New York and a $700,000 loss suffered by a Pennsylvania-based manufacturing company. Additionally, authorities reported $100,000 in losses affecting current and former US service members who used MILITARY STAR credit accounts.

The Takedown

The takedown involved the seizure of 34 domains associated with the service and the shutdown of 23 servers located in seven countries. Authorities also froze approximately $3.5 million in cryptocurrency linked to the operation. As part of the disruption, infected devices that had been used to support the proxy network were disconnected from the service.

The operation was the result of international cooperation between US agencies and law enforcement bodies in Austria, France, and the Netherlands, coordinated through Europol. Officials say the operation demonstrates the growing need for global cooperation to dismantle large-scale cybercrime networks.

The Ongoing Threat

Proxy services like SocksEscort are widely used in criminal operations due to their ability to conceal attackers’ locations and bypass network security filters. Authorities continue to investigate individuals associated with the service and have urged organizations and device owners to secure routers and IoT devices against malware infections that can turn them into nodes in criminal proxy networks.


