Russian military hackers have been waging an ongoing hacking campaign against high-level American targets and have used a special technique to mask their activities: a tool to hide behind addresses associated with everyday Americans’ home and mobile networks.
In case you missed it, the “SolarWinds” hackers are back. A
“Residential proxies enable someone to launder their internet traffic through an unsuspecting home user to make it appear as if the traffic was originated from a U.S. residential broadband customer instead of from somewhere in Eastern Europe, for example,” Doug Madory, an employee at cybersecurity firm Kentik, told the outlet.
This is interesting but there’s definitely something weird about how pedestrian this is. You would think that Russian military hackers would have a slightly more sophisticated obfuscation technique than one that anybody else could use. Apparently not.
At any rate, whether’s it’s sophisticated or not, the technique seems to have helped these hackers stay busy. Microsoft has reported that, between July 1st and Oct. 19th of this year, the hacking group has attacked 609 of their customers 22,868 times.
“This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government,” Tom Burt, Microsoft’s vice president of privacy and security, said in the company’s recent blog.