News
Cybersecurity · FBI Warning · IoT Security · Residential Proxies
The Federal Bureau of Investigation (FBI) issued a Public Service Announcement (PSA) warning consumers and businesses about the growing threat of residential proxies, which cyber threat actors exploit to route illicit internet traffic through compromised home and small business networks, obfuscating their true identities and locations.
Residential proxies utilize legitimate IP addresses assigned by an Internet Service Provider (ISP) to Internet of Things (IoT) devices, making the device owner appear responsible for criminal activity. Devices become part of these networks through methods including malicious Software Development Kits (SDKs) in applications, hidden terms in free VPNs, compromised IoT devices, malware from pirated content, and "passive income" schemes.
Criminals leverage these proxies for malware distribution, phishing, identity theft, spam, data exfiltration, brute force attacks, bypassing content restrictions, hosting illicit marketplaces, and account takeovers, making tracing difficult. The FBI recommends precautions such as avoiding pirated content, using official app stores, keeping software updated, and monitoring home network traffic.
Businesses should also update software, enforce strong device policies, segment networks, and implement firewalls. Victims are advised to file a complaint with the FBI Internet Crime Complaint Center (IC3) and contact account providers immediately.
