The U.S. Department of Justice and Europol dismantled SocksEscort, a malicious proxy service used by cybercriminals to conceal their identities while executing financial fraud, including the illicit takeover of cryptocurrency accounts.
The operation, coordinated with agencies from Austria, France, the Netherlands, Germany, Hungary, Romania, and the United States, resulted in the seizure of 34 domains, the disruption of approximately two dozen servers across seven countries, and the freezing of around $3.5 million in cryptocurrencies linked to the network.
According to the Department of Justice, the service compromised at least 369,000 routers and internet-connected devices across 163 countries since 2020, giving criminals control over proxies that concealed their real IP addresses. Among the cases cited by prosecutors, a victim in New York lost approximately $1 million in cryptocurrencies. Investigators estimate the network collected at least five million euros from its users through anonymous cryptocurrency payments.
Europol Executive Director Catherine De Bolle noted that services like SocksEscort provide criminals with the digital cover needed to launch attacks, distribute illegal content, and evade detection mechanisms.
The investigation received technical support from Black Lotus Labs, the threat intelligence unit of telecommunications company Lumen Technologies, and from the nonprofit organization Shadowserver Foundation. The AVrecon malware, publicly documented by Black Lotus Labs in July 2023, was identified as the tool used by SocksEscort to compromise devices.
Disclaimer: Crypto Economy Flash News are based on verified public and official sources. Their purpose is to provide fast, factual updates about relevant events in the crypto and blockchain ecosystem.
This information does not constitute financial advice or investment recommendation. Readers are encouraged to verify all details through official project channels before making any related decisions
