911 Proxy Service Shutdown after allerged phishing attacks
In the wake of a data breach that destroyed crucial elements of its business operations, 911[.]re, a proxy service that since 2015 has sold access to tens of thousands of Microsoft Windows machines every day, announced this week that it is closing down.
KrebsOnSecurity released a thorough analysis of 911 and its ties to dubious pay-per-install affiliate systems that covertly packaged 911’s proxy software with other products, including “free” utilities and illegal malware; the company abruptly closed.
Residential proxy services are frequently promoted to customers looking for a way to get around the primary media streaming services’ country-specific blocking policies. However, some of them, like 911, employ “free VPN” or “free proxy” services driven by software to transform the user’s PC into a traffic relay for other users to build their networks. In this case, consumers receive a free VPN service.
Still, they frequently don’t realize that doing so will turn their machine into a proxy, allowing others to use their Internet address to conduct online transactions.
Early in July, the service was hacked, and it was found that several user accounts’ balances had been altered, according to 911. When customers use the service to make financial deposits, an application programming interface (API) is employed to handle account topping up, according to 911.
According to Riley Kilmer, co-founder of the proxy-tracking website Spur.us, it will be challenging to replicate 911’s network shortly. Kilmer predicted that the remaining competitors to 911 would receive a significant boost shortly but that a new contender would finally emerge.
None of those works well as a substitute for LuxSocks or 911. However, everyone will be able to use them. The attempts to commit fraud will continue through these substitute services, which ought to be simpler to keep an eye on and halt. Some very new IP addresses belonged to 911.
This week, several significant proxy providers disclosed breaches related to unauthenticated APIs, not just 911. On July 28, KrebsOnSecurity revealed that client information for Microleaves, a proxy service that changes its users’ IP addresses every five to ten minutes, had been exposed via internal APIs that were made public on the internet. That research revealed that Microleaves, like 911, has a lengthy history of disseminating its proxy software through pay-per-install programs.
