This is the post that Brian Krebs put out on Mastodon that caught my attention. You can also search proxy911 for coverage as we put this out on TSB specificly.
BrianKrebs: In July 2022 I published a deep dive into the history of 911 (911s5), a proxy service that had existed for 10 years and was enabling a ridiculous amount of cybercrime and abuse. They built their network mainly by surreptitiously bundling their proxy with other software.
https://krebsonsecurity.com/2022/07/a-deep-dive-into-the-residential-proxy-service-911/
A little over a week later, 911 imploded, saying they’d breached and that someone had wiped all their servers — including user information.
https://krebsonsecurity.com/2022/07/911-proxy-service-implodes-after-disclosing-breach/
Now spur.us, which monitors proxy services, says 911 has officially resurrected itself under a new name — cloudrouter[.]io. Spur says Cloudrouter’s proxies are fed by users who install PaladinVPN, which makes it much more explicit that people running PaladinVPN are in fact agreeing to share their IP address with others.
Spur says 911 already has > 130,000 nodes worldwide. They installed PaladinVPN and then saw their IP pop up almost immediately for rent at Cloudrouter.
https://spur.us/cloudrouter-911-proxy-resurrected/
We talked about spur.us before, especially in this context, and I read the article linked here. CloudRouter: 911 Proxy Resurrected is the article.
We want people to know what’s going on, and it honestly doesn’t surprise me that news of this kind has come out.
Sometimes, we learn that they’re gone and hear nothing more, others like this, we hear that they’re still around.
This is going to get quite interesting, and I hope that people are aware of this new development. If they aren’t, they need to learn about this.
This is the first I’m hearing about it, under this new name anyway, and I hope there’s a way to get it shut down. This is one of these services that should be illegal. Hiding crap in your policies to hide the nature of your traffic should really be outlawed.
Until that happens, keep informed, and stay aware.
What to check out
First, search proxy 911 with spaces to get searches, but there might be some you want to check out.
- podcast 108 of TSB
- asking the question of what happened to our proxy services
- podcast 146 wjen searching for proxy without 911
- AWM PROXY and the GLUPTEBA Botnet, lots of similarities
This might be some, so searh proxy or proxy 911 and read what you want.
Let the fun continue!
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.