Hacker News new | past | comments | ask | show | jobs | submit login
Who’s Behind the Botnet-Based Service BHProxies? (krebsonsecurity.com)
66 points by mikece on Feb 24, 2023 | hide | past | favorite | 17 comments



The question isn’t really answered with much confidence. Perhaps a premature post.


It’s pretty clear to me that Abdalla Khafagy is behind it. Did you read the whole article?


Not op, but yes, after reading the full article it is not proven beyond a reasonable doubt that the named individual is in fact the person behind the shady actions. Not cool to dox someone when one is not totally sure…


Krebs is notorious for dropping dox on people based on somewhat questionable evidence.

Its kind of his whole deal.


Cool side hustle


[flagged]


So its commercial monetisation backed by illegally obtained infrastructure?


Like all residential proxies


So they shouldn’t be reported on at all because they’re ‘all’ illegal?


Not Bright Data (supposedly)


Formerly known as Luminati. They used to run Hotspot Shield VPN that installed proxy malware in exchange for a “free VPN”.

There is only one company trying to do residential proxy services legitimately, and it’s not working out. People just don’t want to knowingly share their internet connection with strangers even when paid for it. Why? Because they don’t want to be accused of nefarious deeds and the liability that goes along with that.


> People just don’t want to knowingly share their internet connection with strangers even when paid for it.

BT WiFi is fundamentally that: BT broadband customers share (perhaps unwittingly) their connections with others, and it’s nearly impossible to disable.

Also the Fon.com network is doing that on a much larger scale (https://fon.com/maps/).

But your point stands; who would actively want to be culpable for the traffic caused by unknown third parties?

So it’s left down to ISP marketing to make it look as an added value feature (“you can have free WiFi everywhere!”) rather than a huge liability (“you can go to jail or be fined”).

Wasn’t there a recent US case of this, where a couple was dragged to courts for CSAM traffic over their connection but caused by a third party? They got acquitted, but even afterwards aren’t allowed to participate in their kid’s school activities.

Must have been on here in the past couple of weeks, if memory serves.

Salient point is, even if one is acquitted, the social stain is hard to wash off.


That's completely different. With Fon and BT WiFi, your router has an extra AP, so "others" are physically present near the router. With Luminati, the "other" can be literally the highest bidder on the Internet.


Xfinity/Comcast in the USA does the same if you use their wifi router: it broadcasts a separate AP called “xfinity” that any xfinity customer can use.


Okay, but the users did agree to it, did they not? They still operate earnapp which is similar.


The users did not agree to it. They are sharing their internet connection unknowingly.


Think you're just wrong here. First, the VPN they ran (still run) is Hola, not Hotspot Shield. Second, with just a bit of research, I found that it was always part of the agreement that Hola could use your internet for this type of activity.

https://www.zdnet.com/article/hola-a-free-vpn-with-a-side-of...


I would be curious about the ramifications, I can think of a handful of reasons to do this, namely geofenced online poker (legally grey at best) but I imagine most people that use these services do so illegally.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: