The Russian Internet host PROXIEZ-NET has been booted off the Internet despite claims that it was immune to being shut down. PROXIEZ-NET is a known crimeware, or malware, host that is used by gangs to steal peoples’ private information from online bank logins.
Rupert Goodwins, editor of ZDNet UK said that malware “has to report back to base for instructions and to deliver its goods.”
With this connection cut off, criminal gangs won’t be able to gather the information that they’ve stolen by using spy keyloggers, computer programs that record all keystrokes made on a computer and send them to the hacker. Many hackers had been using a toolkit called Zues that was written and sold by a Russian software engineer, which allows hackers to use keylogging to get Paypal, Ebay, and online banking passwords.
They were using PROXIEZ as a host for the keylogging software, and for collecting and maintaining the information stolen through keylogging. But there are consequences of the removal of the crimeware hosting site.
“If the malware has the ability to find or create other connections then things can swiftly get back to (ab)normal,” said Goodwins.
Symantec’s security response manager Patrick Fitzgerald warned that hackers and thieves will just move their control to more “sympathetic internet providers.”
For now, users that complete business transactions online have one less thing to worry about with the removal of PROXIEZ-NET.