Aisuru botnet shifts from DDoS to residential proxies

In the last few months I've seen many advertisements for a device they call the "Super Box" - it's essentially an (Android based?) IPTV device with every channel imaginable. The people I know with them paid around $300 and there isn't a monthly fee.

I have a hunch they're trading free TV for becoming a residential proxy unknowingly. Would love to capture network traffic from one and see what's really going on.

The fact that people are willing to buy these super sketchy devices and plug them into their networks without a second thought is kinda scary.

Very fascinating. I saw multiple people predict that these ddos attacks were just advertisement for the Aisuru services.

How can regular users of Android, smart TV's, etc. identify these IoT devices that have been compromised?

recently had to research "residential proxy", and the number of websites that claim that they have millions of IPs on hand was very strange. then the fact that a lot of them work in the exact same way, and a lot of them accepted payment mostly in crypto was very strange. so now connecting the dots, makes sense now why these "residential proxy" websites looked and worked the same way

Why there is no protocol that would allow a network to request blocking traffic from a subnet or network? For example, AS X doesn't want any traffic from Y, and all operators between X and Y block traffic from Y to X.

To motivate lazy network operators, this protocol should be linked with financial conditions: an operator who doesn't honor the request, gets significantly reduced payment for this month's traffic.

I see weak people whining about attacks for like 10 years, and nobody changes anything. It's easier to blame evil hackers than fix their own broken poorly designed systems.

To give specific example, imagine a business which has 95% customers in developed country A, but receives 99% web requests from developing countries (DDoS attacks mainly come from there). It makes financial sense to cut off those countries first and after than figure out what happened.

> ... renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services...

And that's why I will never buy any IoT devices that require an internet connection to work. Only IoT devices in my house are those that connect to my own server and never see the light of the internet.

So not only are AI companies stealing content, they’re actively funding criminal organisations too. Wonderful

About the ethics of residential proxies: Brightdata, which sells a residential proxy, blocks their own proxy when you point it to brightdata.com.

The fact that they don't allow you to use their service to scrape their own domain, tells you something about their ethics...