International law enforcement dismantles SocksEscort proxy botnet powered by AVrecon malware
Here's what it means for you.
The world’s largest residential proxy botnet just got unplugged—reducing cybercriminals’ ability to hide behind your home devices.
What happened
On March 11, 2026, law enforcement from eight countries seized 23 servers, 34 domains, and $3.5 million in crypto, dismantling the SocksEscort proxy botnet powered by AVrecon malware.
The Context
- Global scale: SocksEscort compromised 369,000 routers and IoT devices across 163 countries, selling access to criminals for fraud, ransomware, and account takeovers.
- Professional risk: The botnet enabled credential stuffing, ad fraud, and DDoS attacks—direct threats to your company’s security and digital assets.
- Infrastructure hit: Authorities froze over $3.5 million in crypto payments and took down core infrastructure, but investigations and victim notifications are still ongoing.
The Number
— That’s how many devices were hijacked globally, meaning your office or home router could have been part of a cybercriminal’s toolkit.
Takeaway
Expect a temporary dip in cyberattacks using residential proxies, but watch for new botnets as attackers regroup and exploit unpatched devices.
Consumer tech news, reviews, and buying guides for gadgets and electronics.
"TechRadar is known for comprehensive buying advice, hardware reviews, and consumer tech news targeted at mainstream audiences."
— A47 Editor
Major SocksEscort proxy network powered by Linux malware taken down by FBI and other police forces
The FBI and other police forces have dismantled the SocksEscort proxy network, a major operation powered by Linux malware that had been active for 15 years, seizing its servers and domains.
Startup news with frequent AI coverage.
"Covers launches, funding, and product updates in AI."
— A47 Editor
Law enforcement shuts down botnet made of tens of thousands of hacked routers
An international law enforcement operation has dismantled SocksEscort, a service accused of enabling cybercriminals worldwide to use tens of thousands of hacked routers for ransomware, DDoS attacks, and distributing child sexual abuse material.