Attackers add hacked servers to commercial proxy networks for profit


Hackers are using commercial proxy networks that pay users for their bandwidth to monetize their illegally obtained access to servers. Dubbed proxyjacking, this type of abuse has been increasingly observed alongside other forms of abusing hacked servers, such as cryptojacking.

“Although the concept of proxyjacking is not new, the ability to easily monetize it as affiliates of mainstream companies is,” researchers from Akamai said in a report. “Providing a simple path to financial gain makes this vector a threat to both the corporate world and the average consumer alike, heightening the need for awareness and, hopefully, mitigation.”

The Akamai team recently investigated several campaigns in which attackers used compromised SSH credentials to deploy a series of scripts that turned the servers into proxy clients on the Peer2Profit and Honeygain networks.