
As part of a law enforcement campaign, Operation Moonlander, four individuals, one from Kazakhstan and three from Russia, have been indicted by the FBI for cybercrime, including the repurposing of older internet routers to create botnets.
This was used to gain unauthorized access. The routers were then reconfigured and offered for sale as proxy servers on the botnet services Anyproxy[.]net and 5socks[.]net.
The Kazakhstani national, Dmitriy Rubtsov, along with Russian nationals Alexey Viktorovich Chertkov, Kirill Vladimirovich Morozov, and Aleksandr Aleksandrovich Shishkin, targeted older-model wireless internet routers belonging to users across the globe.
After infecting them with malware, the group would allow third parties to access them, exposing unsuspecting users to risk. The police identified infected routers used by residents and businesses in Oklahoma.
The police traced the website selling the botnets to domains managed by a company that is headquartered in Virginia. They seized the botnets, along with the Anyproxy and 5socks domains.
The indicted individuals are estimated to have made over $46 million from selling infected routers. Investigation revealed that the websites listed over 7,000 proxies that were put up for sale to users worldwide.
They charged buyers between $9.95 and $110 for a monthly subscription. The website read, “Working since 2004!”, leading to speculation that the fraud went on for over 20 years.
Two members, Chertkov and Rubtsov, are charged with producing false identification during the registration of the domain name used to infect users with the Anyproxy botnet.
The case is currently under investigation. A botnet is a collection of infected computers controlled by a threat actor and used to launch distributed denial-of-service (DDoS) attacks, steal data, send spam, and more.