SystemBC – Bringing the Noise
Sept. 25, 2025, 2:41 p.m.
Description
The SystemBC botnet, composed of over 80 C2s and 1,500 daily victims, primarily targets VPS systems from commercial providers. It creates proxies enabling high volumes of malicious traffic for various criminal threat groups. The network is used by multiple proxy services, including REM Proxy, which offers tiered packages for different cybercriminal needs. SystemBC's infrastructure allows for massive data transfers, with some bots generating over 16 GB of proxy data in 24 hours. The botnet is used for various malicious activities, including brute-forcing WordPress credentials, web-scraping, and supporting ransomware operations. The report highlights the evolving nature of proxy services in the cybercriminal ecosystem and their role in facilitating large-scale attacks.
Tags
Date
- Created: Sept. 25, 2025, 9:21 a.m.
- Published: Sept. 25, 2025, 9:21 a.m.
- Modified: Sept. 25, 2025, 2:41 p.m.
Indicators
- 1c74b1195250632f2f1d1a9066f07f6e0a8c12dff40aeb3c1fe22440c97bc8ee
- 85.206.167.149
- 85.206.167.148
- 85.206.167.147
- 85.206.167.146
- 85.206.167.145
- 85.206.167.144
- 85.206.167.143
- 85.206.167.142
- 85.206.167.141
- 85.206.167.140
- 85.206.167.139
- 85.206.167.138
- 85.206.167.137
- 85.206.167.136
- 85.206.167.135
- 85.206.167.134
- 85.206.167.133
- 85.206.167.132
- 85.206.160.66
- 85.206.160.65
- 85.206.160.250
- 85.206.160.226
- 85.206.160.225
- 85.206.160.13
- 85.206.160.116
- 85.206.160.115
- 185.93.89.191
- 185.93.89.190
- 185.93.89.189
- 185.93.89.188
- 185.93.89.187
- 185.93.89.183
- 185.93.89.182
- 185.93.89.181
- 185.93.89.180
- 185.93.89.179
- 185.93.89.178
- 185.93.89.177
- 185.93.89.176
- 185.93.89.175
- 185.93.89.174
- 185.93.89.172
- 185.93.89.171
- 185.93.89.170
- 185.93.89.169
- 185.93.89.168
- 185.93.89.166
- 185.93.89.165
- 185.93.89.164
- 185.93.89.163
- 185.93.89.162
- 185.93.89.159
- 185.93.89.158
- 185.93.89.157
- 185.93.89.156
- 185.93.89.155
- 185.93.89.153
- 185.93.89.152
- 185.93.89.151
- 185.93.89.150
- 185.93.89.149
- 185.93.89.147
- 185.93.89.146
- 185.93.89.145
- 185.93.89.144
- 185.93.89.143
- 185.64.106.97
- 185.64.106.94
- 185.64.106.189
- 185.64.106.186
- 185.64.106.148
- 185.64.106.147
- 185.64.105.8
- 185.64.105.183
- 185.64.105.182
- 185.64.105.12
- 185.64.104.69
- 185.64.104.68
- 185.64.104.55
- 185.64.104.54
- 185.64.104.45
- 185.64.104.44
- 185.64.104.132
- 185.64.104.131
- 185.64.104.125
- 185.64.104.124
- 185.25.49.229
- 185.25.49.221
- 185.25.49.220
- 185.25.49.183
- 185.25.49.182
- 185.25.49.181
- 185.25.49.180
- 185.25.48.97
- 185.25.48.96
- 185.25.48.95
- 185.25.48.49
- 185.25.48.197
- 185.25.48.104
- 185.25.48.102
- 176.46.138.241
- 176.46.138.240
- 176.46.138.239
- 176.46.138.237
- 176.46.138.235
- 176.46.138.234
- 176.46.138.233
- 176.46.138.232
- 176.46.138.229
- 176.46.138.228
- 176.46.138.227
- 176.46.138.226
- 176.46.138.225
- 176.46.138.223
- 176.46.138.222
- 176.46.138.221
- 176.46.138.220
- 176.46.138.219
- 176.46.138.217
- 176.46.138.216
- 176.46.138.215
- 176.46.138.213
- 176.46.138.211
- 176.46.138.210
- 176.46.138.209
- 176.46.138.208
- 176.46.138.207
- 104.250.164.254
- 104.250.164.253
- 104.250.164.252
- 104.250.164.250
- 104.250.164.251
- 104.250.164.248
- 104.250.164.247
- 104.250.164.246
- 104.250.164.242
- 104.250.164.245
- 104.250.164.244
- 104.250.164.241
- 104.250.164.239
- 104.250.164.240
- 104.250.164.238
- 104.250.164.235
- 104.250.164.236
- 104.250.164.234
- 104.250.164.233
- 104.250.164.230
- 104.250.164.228
- 104.250.164.227
- 104.250.164.229
- 104.250.164.226
- 104.250.164.223
- 104.250.164.224
- 104.250.164.222
- 104.250.164.221
- 104.250.164.220
- 104.250.164.214
Additional Informations
- Russian Federation