Technology

DoJ dismantles botnet made of 360,000 infected routers and IOT devices spread across 163 countries that ran for 16 years — SocksEscort proxy network eliminated in joint operation with Europol

Source

Tom's Hardware

Published

Mar 14, 2026

TL;DR

AI Generated

The U.S. Department of Justice, in collaboration with Europol, successfully dismantled a massive botnet known as the SocksEscort proxy network, which had infected 360,000 routers and IoT devices in 163 countries over a 16-year period. The botnet facilitated various criminal activities, including bank and cryptocurrency account takeovers, ransomware distribution, DDoS attacks, and the dissemination of child sexual abuse material. The operation led to the seizure of $3.5 million worth of cryptocurrency and the takedown of 34 domains and 23 servers associated with the network. The incident highlights the vulnerability of home routers and smart devices to cybercriminal exploitation due to security flaws and lack of user awareness about firmware updates.

Read Full Article

The Download: a Nobel winner on AI, and the case for fixing everything

Nobel-winning economist Daron Acemoglu discusses AI's impact on productivity and the future of work, emphasizing the need for human labor despite technological advancements. Stewart Brand advocates for the importance of maintenance in his new book, highlighting the significance of caring for various aspects of society. Additionally, the article mentions the discovery of the first zero-day exploit created by AI and other notable tech news stories, including OpenAI's cybersecurity efforts and developments in the hantavirus vaccine.

MIT Technology Review•

3 hours ago

Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'mini Shai Hulud' malware infection — supply-chain campaign spreads across npm and AI developer ecosystems like wildfire

Microsoft is investigating a compromise of the mistralai PyPI package, where attackers injected malicious code that automatically executed on import, downloaded a secondary payload, and launched malware on Linux systems. The compromised package contained code that silently downloaded a file and executed it in the background, potentially stealing credentials and executing destructive commands. This incident is part of the broader "Mini Shai-Hulud" software supply-chain campaign affecting npm and AI developer ecosystems. Additionally, security firm Aikido warned of compromised TanStack JavaScript packages and Mistral npm SDK packages in separate attacks, urging developers to rotate credentials if affected. The incidents highlight the increasing targeting of developer infrastructure, emphasizing the importance of securing high-value credentials in modern development environments.

Tom's Hardware•

3 hours ago

Standard 90-day vulnerability disclosure policy is likely dead thanks to AI, expert warns that AI can weaponize patches in 30 minutes — LLM-assisted bug-hunting ushers in a new cyberworld order

AI-assisted code scanning tools are accelerating the discovery and exploitation of software vulnerabilities, rendering the traditional 90-day disclosure policy ineffective. Security researcher Himanshu Anand warns that AI can weaponize patches within 30 minutes, leading to a new cyberworld order where developers need to prioritize security measures like LLM-assisted bug-hunting. The rapid identification of vulnerabilities by AI-powered tools raises concerns about the effectiveness of current security practices, prompting Anand to advocate for immediate fixes for critical security issues. While open-source software benefits from quick patch distribution, closed-source software may face challenges as AI tools become more adept at identifying vulnerabilities.

Tom's Hardware•

4 hours ago

Google finds first AI-developed zero-day that bypasses 2FA — self-morphing malware and Gemini-powered backdoors signal a new era of cybercrime

Google's Threat Intelligence Group (GTIG) has identified the first AI-developed zero-day exploit that bypasses 2FA, signaling a new era of cybercrime. The exploit involves self-morphing malware and Gemini-powered backdoors, showcasing the increasing sophistication of malicious actors. AI is being used extensively in cybercrime operations, allowing attackers to dynamically generate exploit payloads and evade detection. The report highlights the use of AI in phishing attacks, network intrusions, and even political manipulation, emphasizing the need for heightened cybersecurity measures. The GTIG report provides detailed insights into these emerging threats and the evolving landscape of cybercrime.

Tom's Hardware•

5 hours ago

The Download: a Nobel winner on AI, and the case for fixing everything

MIT Technology Review•

3 hours ago

Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'mini Shai Hulud' malware infection — supply-chain campaign spreads across npm and AI developer ecosystems like wildfire

Tom's Hardware•

3 hours ago

Standard 90-day vulnerability disclosure policy is likely dead thanks to AI, expert warns that AI can weaponize patches in 30 minutes — LLM-assisted bug-hunting ushers in a new cyberworld order

Tom's Hardware•

4 hours ago

Google finds first AI-developed zero-day that bypasses 2FA — self-morphing malware and Gemini-powered backdoors signal a new era of cybercrime

Tom's Hardware•

5 hours ago

DoJ dismantles botnet made of 360,000 infected routers and IOT devices spread across 163 countries that ran for 16 years — SocksEscort proxy network eliminated in joint operation with Europol

TL;DR

Similar Articles

The Download: a Nobel winner on AI, and the case for fixing everything

Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'mini Shai Hulud' malware infection — supply-chain campaign spreads across npm and AI developer ecosystems like wildfire

Standard 90-day vulnerability disclosure policy is likely dead thanks to AI, expert warns that AI can weaponize patches in 30 minutes — LLM-assisted bug-hunting ushers in a new cyberworld order

Google finds first AI-developed zero-day that bypasses 2FA — self-morphing malware and Gemini-powered backdoors signal a new era of cybercrime

We use cookies

DoJ dismantles botnet made of 360,000 infected routers and IOT devices spread across 163 countries that ran for 16 years — SocksEscort proxy network eliminated in joint operation with Europol

TL;DR

Similar Articles

The Download: a Nobel winner on AI, and the case for fixing everything

Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'mini Shai Hulud' malware infection — supply-chain campaign spreads across npm and AI developer ecosystems like wildfire

Standard 90-day vulnerability disclosure policy is likely dead thanks to AI, expert warns that AI can weaponize patches in 30 minutes — LLM-assisted bug-hunting ushers in a new cyberworld order

Google finds first AI-developed zero-day that bypasses 2FA — self-morphing malware and Gemini-powered backdoors signal a new era of cybercrime