A new class of malware lurking in smartphone apps and cheap electronics is allowing criminals to hijack home and wireless networks for use in large-scale hacking operations. The software creates “residential proxy networks,” turning a user’s internet connection into a node in a botnet that can be used for illicit activities, potentially exposing the homeowner to law enforcement scrutiny.
"If they use your network for illegal activity, there’s a chance that law enforcement could come knocking at your door," Riley Kilmer, co-founder of internet intelligence company Spur, said. Spur investigates these networks and has developed a public tool for users to check if their network is compromised.
The test page examines a network’s IP address, the unique identifier for a device on the internet. A result of “Observed Risks: unknown” indicates a clean network, according to Spur. If the page lists observed risks, the IP address is associated with a residential proxy network. On a large mobile network, where many users share addresses, the infected device may not be the user’s own.
The primary risk comes from unknowingly installing software that gives hackers a backdoor into a home network. This can happen through free apps that promise services like VPNs or access to paid content, or even through unbranded, low-cost electronics with pre-installed vulnerabilities.
Purging Risky Apps and Devices
The most immediate step for concerned users is to remove any apps that offer payment for sharing internet bandwidth, as these are often explicit parts of a residential proxy network. Shadier operators embed this functionality in free apps offering VPN services, pirated video games, or free access to streaming platforms like Netflix or HBO.
Residential proxy software has also been found on inexpensive, off-brand video-streaming gadgets and digital picture frames. Experts suggest that any device promising free access to paid content is a likely suspect. Upgrading to hardware from reputable brands and paying for legitimate subscriptions is the safest alternative. After removing suspect apps and devices, Spur’s test page should show an all-clear result within two weeks if the user’s devices were the source of the infection.