Not all forms of cybercrime have to do with the theft of user data. Another option very dear to cybercriminals are the Botnets; That is, one Network of infected devices (computers, mobiles, etc.) remotely controlled to perform malicious activities How to send spam or launch service denial attacks, among others. This type of activity passes unnoticed by userwhich can have your mobile or computer being part of a botnet for years without even suspecting it.
A good example is 911 S5dismantled a few months ago by the FBIwhich described it as ‘Probably, the world’s largest botnet’. And although the agency dismantled the network, closed the malicious software websites and arrested 3 Chinese citizens for it, apps continue on the Internet, well in third party stores or installed on user devices that have never had news of the subject. They are still malware and could be used again with the same purpose.
The software they used to create 911 S5 was a series of Free VPN applications. A legitimate VPN (Private Network) Create a tunnel ‘encrypted between a device and the Internet, protecting traffic and hiding the IP address. It allows to navigate more privately, access geographically restricted content and maintain safe information, even in public networks. The cybersecurity company Kaspersky has recently warned of growing use of fraudulent VPN They are presented as a free service for the user, citing an increase of 2.5 times in the third quarter of 2024 compared to the second.
‘Free and illegitimate VPNs were packaged inside pirated video games and software that the victims discharged on devices or machines. Once the discharge, the VPN application and the back door of the proxy were completed, were silently installed in the victims’ devices without their consentbecoming without knowing it into victims of the 911 S5 botnet, ‘explained the FBI last May.
The botnet began operating in 2014 And, over a decade, he committed 19 million devices in more than 190 countries. It was a residential proxis platform as a service, RPAs for its acronym in English, which He took advantage of residential IP addresses of users who had downloaded fraudulent VPN to anonymize malicious traffic and evade detection. The administrators sold access to the botnet to cybercriminals who could carry out crimes such as ‘bomb threats, financial fraud, identity theft, child exploitation and initial access intermediation’, an activity that seemed to come from infected devices.
The apps used were:
- Maskvpn.
- DEWVPN.
- Paladinvpn.
- Proxygate.
- Shieldvpn.
- Shinevpn.
If you have any of the listed VPN on your mobile or computer, You must proceed to uninstall it immediately.