Proxy Service 911[.]re Closes After Disclosing Breach and Data Damage (krebsonsecurity.com) 4
Long-time Slashdot reader tsu doh nimh writes: 911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations, KrebsOnSecurity reports.
From the article: "On July 28th, a large number of users reported that they could not log in the system," the statement continues. "We found that the data on the server was maliciously damaged by the hacker, resulting in the loss of data and backups. Its [sic] confirmed that the recharge system was also hacked the same way. We were forced to make this difficult decision due to the loss of important data that made the service unrecoverable."
Operated largely out of China, 911 was an enormously popular service across many cybercrime forums, and it became something akin to critical infrastructure for this community after two of 911's longtime competitors — malware-based proxy services VIP72 and LuxSock — closed their doors in the past year...
911 wasn't the only major proxy provider disclosing a breach this week tied to unauthenticated APIs: On July 28, KrebsOnSecurity reported that internal APIs exposed to the web had leaked the customer database for Microleaves, a proxy service that rotates its customers' IP addresses every five to ten minutes. That investigation showed Microleaves — like 911 — had a long history of using pay-per-install schemes to spread its proxy software.
From the article: "On July 28th, a large number of users reported that they could not log in the system," the statement continues. "We found that the data on the server was maliciously damaged by the hacker, resulting in the loss of data and backups. Its [sic] confirmed that the recharge system was also hacked the same way. We were forced to make this difficult decision due to the loss of important data that made the service unrecoverable."
Operated largely out of China, 911 was an enormously popular service across many cybercrime forums, and it became something akin to critical infrastructure for this community after two of 911's longtime competitors — malware-based proxy services VIP72 and LuxSock — closed their doors in the past year...
911 wasn't the only major proxy provider disclosing a breach this week tied to unauthenticated APIs: On July 28, KrebsOnSecurity reported that internal APIs exposed to the web had leaked the customer database for Microleaves, a proxy service that rotates its customers' IP addresses every five to ten minutes. That investigation showed Microleaves — like 911 — had a long history of using pay-per-install schemes to spread its proxy software.
Get up, get up, get up, get down (Score:3)
Proxy Service 911[.]re is a joke, in your town
Article purposely vague. (Score:1)
If it was a criminal organization, it sounds like law enforcement or white hat hackers figured how to breech security and scramble data. This is very different from how the story reads. A legitimate business being targeted and forced to cease operations.
Re: (Score:2)
Yeah, it sounds like it couldn't have happened to a much nicer operation. But the doing of it was still a criminal act. And I don't care whether they were law enforcement or not, it's still criminal.
Re: (Score:2)
I RTFA and in some ways it raised more questions than it answered, although I suppose it would have helped if I had heard of the "service" before it went down. Having a VPN available in order to defeat geo-blocking can be pretty useful at times, but some of the not-so-publicly-documented "features" were not so benign. Still, since I hardly ever run Windows this would not have been useful for me anyway.
The original KrebsOnSecurity article - https://krebsonsecurity.com/2022/07/a-deep-dive-into-the-residenti [krebsonsecurity.com]