Experts reported discovering fake proxy services to manage routers and smartphones. It took the attackers approximately 72 hours to include approximately 6 thousand Asus routers, as well as approximately 40 thousand routers of different models in 88 countries, into the botnet.
Most of the infected routers are predominantly registered to the Faceless proxy service, which hackers use for anonymization, and the majority of the bots that make up TheMoon are based in the United States.
Additionally, Satori Intelligence experts discovered 28 applications on the Google Play service that secretly enable user devices to run on the ProxyLib proxy network consisting of 190 thousand nodes. ProxyLib is associated with a fake VPN client that infects smartphones that was removed from Google Play and later used in banner ad fraud.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
