Threat actors have discovered a profitable new attack method that uses legal proxyware services, which let users resell some of their Internet bandwidth to outside parties. According to Sysdig Threat Research Team (TRT) researchers, cybercriminals can employ this “proxyjacking” attack vector in large-scale attacks that target cloud-based systems to potentially make hundreds of thousands of dollars per month in passive revenue. Researchers from Kaspersky
defined proxyware services in the following way in a blog post from February: “[Users install a client that creates a] proxy server. Installed on a desktop computer or smartphone, it makes the device’s Internet connection accessible to an outside party.”
cyberintelmag.com
