Russian military hackers waged a constant hacking campaign against high-level American targets and used a special technique to disguise their activities: a tool to hide behind addresses connected to the everyday home and mobile networks of Americans.
In case you missed it, the “SolarWinds” hackers are back. A recent report from Microsoft researchers shows that certain cyber spies – who are believed to be members of Russia’s Foreign Intelligence Service – have targeted a bunch of American technology companies with a new hacking campaign. These are supposedly the same hackers behind the “SolarWinds campaign”, a massive espionage effort that penetrated the networks of at least nine federal agencies and more than 100 different companies based in the US, and prompted more hearings in Congress.
A new report from Bloomberg sheds light on the method that the hackers apparently used to cover up their hacking activities: setting up “residential proxies”, which allowed them to hide behind the IP addresses of unsuspecting Americans.
In essence, a residential proxy uses a set of real IP addresses that can be legally purchased through certain ISPs for the purpose of anonymity. It’s a bit like a VPN, in that it masks your real IP address and allows you to go about your online business anonymously. In fact, there seems to be a fairly large industry dedicated to this. Googling these services turns up a wealth of companies. And it’s all completely legal, obviously.
By using the IP addresses of Americans, the Russian hackers managed to make their online activities look less suspicious than if they had simply used addresses located in Russia, Bloomberg writes.
“Residential proxies allow someone to launder their Internet traffic through an unsuspecting home user to make it look like the traffic came from a residential broadband user in the U.S. and not from somewhere in Eastern Europe, for example,” Doug Madory, a cybersecurity employee at Kentik, told the outlet.
This is interesting, but there is definitely something weird about how pedestrian this is. You would think that Russian military hackers would have a slightly more sophisticated obfuscation technique than one that anyone could use. Apparently not.
In any case, whether sophisticated or not, the technique seems to have helped these hackers stay busy. Microsoft announced that from July 1 to October 19 this year, the hacker group attacked 609 of its customers 22,868 times.
“This recent activity is another indication that Russia is trying to gain long-term, systematic access to various points in the technology supply chain and to establish a mechanism to monitor – now or in the future – goals of interest to the Russian government,” Tom Burt, Microsoft Vice President of Privacy and Security, said in a recent company blog post.