There's a lot of money in selling someone else's stuff

That's a lesson hackers around the world have learned very well. Their latest venture is selling other people's internet bandwidth.

You may not have heard the term Proxyware before just now. If not it's a new way hackers and cybercriminals have devised to make money. The idea discovered by researchers from Cisco Talos is simplicity itself.

Hackers penetrate a target system and install something called Proxyware which is a catch all phrase to describe any number of internet-sharing applications. A great many proxyware applications are perfectly legitimate and used by millions every day.

 

Create a hotspot in your network

Hackers are perverting this and creating an internet hotspot on the victim's machine. It is used as a host and the proxyware portions out their available bandwidth to those who pay for access to it. The end result is that the hackers make money, and your internet connection slows to an annoying crawl.

It's devious but this is by no means the first time that hackers have figured out how to abuse perfectly legitimate software. After all many people install and run cryptocurrency miners in hopes of making a bit of extra money. Naturally hackers have co-opted this too and have created a wide range of crypto jacking software. It functions just like "regular" crypto mining software except that it's designed to give any payouts to the hackers and not the person who actually owns the machine.

Right now, proxyware is in its infancy. There aren't many active campaigns and none of them are widespread or have a global reach. You can expect that to change however as hackers find their footing in this new market and maximize its moneymaking potential.

 

As Cisco Talos Intelligence Group puts it

"This is a recent trend, but the potential to grow is enormous. We are already seeing serious abuse by threat actors that stand to make a significant amount of money off these attacks. These platforms also pose new challenges for researchers, since there is no way to identify a connection through these kinds of networks -- the origin IP becomes even less meaningful in an investigation."

 

My perspective

Ready or not large-scale proxyware attacks are coming. It's huge, and there is no good defense yet.

 

Just like Martin Brody said: "You're gonna' need a bigger boat"

 


By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter

I am also a published author and speaker on cloud computing, work@home, and cybersecurity. I work extensively with business and professional associations to provide free small business technology education programs.

 

Contact me if you would like me to speak for free to your association