The Digital Legacy of Botnet 911 S5
June 14, 2024, 11:06 a.m.
Description
The report provides an in-depth analysis of the notorious Botnet 911 S5, revealing its origins, operations, and digital remnants. It traces the botnet's evolution, from its inception in 2014 to its eventual demise in 2024, after a joint law enforcement operation. The botnet leveraged free VPN software to distribute malware, infecting millions of devices worldwide and selling access to this proxy network. The report meticulously dissects the botnet's infrastructure, shared resources, and malware samples, shedding light on the tactics employed by its operators, even after their rebranding efforts under the guise of 'CloudRouter'.
Tags
Date
- Created: June 14, 2024, 10:51 a.m.
- Published: June 14, 2024, 10:51 a.m.
- Modified: June 14, 2024, 11:06 a.m.
Indicators
- fa0c044489bf26df366018288990735e87740c17725cc9cbde50fc7067630e01
- afc82cce49b6bee26340b55d5a9e8a9b08406878f7cfafe69d6c7fd04dc132d1
- 504824b1c08ae15920b675d6cb3339eda56781d20763a7162ba7f43027269f4a
- 3eb28a578241d2cdfb7cbd0036facdb5ca8fbc42da2de47aa04e5faf72d65345
- f78075951f0272020ca33fee78c3cf9007a0db1842af5cd0eeab518ccc915b16
- www.dewvpn.com
- www.911s5.com
- www.911.gg
- userip.911s5.net
- user.dewvpn.com
- net.dewvpn.com
- neibu.911s5.net
- login.911s5.net
- eu.911.gg
- soccerstreamingvpn.com
- shinevpn.org
- shinevpn.com
- shinevpn.net
- shinevpn.co
- shieldvpn.org
- searchsafe.com
- reachfresh.com
- proxygate.net
- freevpnlebanon.com
- freevpnhongkong.com
- freevpnghana.com
- freevpncuba.com
- dewvpn.org
- dewvpn.net
- dewvpn.cc
- cloudrouter.pro
- cloudrouter.io
- 911s5.org
- 911s5.net
- 911s5.com