DOJ, international law enforcement disrupt massive RSOCKS botnet

Written by
Jun 17, 2022 | CYBERSCOOP

An international operation involving the U.S. Department of Justice alongside law enforcement officials in Germany, the Netherlands and the United Kingdom took down a Russian botnet made up of millions of hacked internet-connected devices, the DOJ said in a statement Thursday.

Federal prosecutors in the Southern District of California said operators of a botnet botnet known as “RSOCKS” leased access to tens of thousands of compromised internet-connected devices at at time to carry out a variety of malicious actions.

A botnet — a group of compromised internet-connected devices that can be controlled as a group — can be used toward a variety of malicious ends such as to flood targets with traffic, send spam email or engage in credential stuffing at scale, where attackers use stolen username/password combinations to gain access to user accounts with automated login attempts.

It’s the second known international operation to take down a botnet this month alone. Botnets, however, can prove difficult to put down for good, and sometimes bounce back from such operations.

According to the unsealed search warrant in the case, the FBI have been investigating RSOCKS dating back to late 2016.

Read More: