The accused individuals are Russian nationals Alexey Viktorovich Chertkov (37), Kirill Vladimirovich Morozov (41), Aleksandr Aleksandrovich Shishkin (36), and Kazakhstani national Dmitriy Rubtsov (38). They are charged with conspiracy and damaging protected computers. According to the indictment, the men operated botnet services named “Anyproxy” and “5socks,” earning over $46 million from the scheme.
Investigators allege that the accused infected thousands of outdated wireless routers across the world, including in the United States, by secretly installing malware. This malware gave the hackers control of the routers, which they then sold as proxy servers through their websites. These websites charged customers monthly subscription fees ranging from $9.95 to $110, depending on the service.
Court records reveal that 5socks.net offered over 7,000 proxy servers for sale globally, including in the U.S. The service had been operating since at least 2004. The domains were managed by a Virginia-based company and hosted on servers around the world.
Chertkov and Rubtsov face additional charges for falsely registering domain names. They allegedly provided fake information when registering Anyproxy.net and 5socks.net.
The FBI’s Oklahoma City Cyber Task Force uncovered malware on both business and residential routers in Oklahoma during their investigation. With the help of international law enforcement, the botnet's overseas infrastructure has now been disabled.
The case is being investigated by the FBI Oklahoma City Cyber Task Force. Prosecutors from the Northern District of Oklahoma and the Justice Department’s Computer Crime and Intellectual Property Section are leading the legal proceedings.
The investigation also involved the Eastern District of Virginia, Dutch National Police, the Netherlands Public Prosecution Service, and the Royal Thai Police. Cybersecurity firm Black Lotus Labs of Lumen Technologies played a key role by assisting authorities in tracking and analyzing the botnet.
Tags:
Cybercrime in World
