Where do those Free Proxies for Bots Come From ?

Everyone has a budget, for whatever task they’re trying to achieve online. However the mistake many people make is to try and completely eliminate or minimize the expense of vital components. For example this web site deals primarily with proxies, VPNs and ways to hide and expand your digital footprint. Using proxies is the logical way to do this, they work and you can operate on a level that is impossible by just using a single internet connection in an office or from home.

Indeed it’s almost impossible now to operate any sort of business online with a single IP address as there’s so many restrictions, filters and blocks that you’ll inevitably face. Whether you’re into Ecommerce, affiliate marketing, social media promotion or any sort of combination or variant of these, you will almost certainly need to use proxies in some instances. It doesn’t matter what you’re doing, even the most legitimate marketing company will need the ability to switch identities or hide their location at some point.

After all who can operate online effectively with a single social media account or by being limited to placing Craigslist adverts in their specific region. It’s like automatically restricting the size or scope of your online business. What’s more a single identity raises the risks considerably, most of us have probably heard of someone inexplicably losing their Instagram or Twitter account. Why take the risk when you can spread your business across different accounts and platforms with multiple identities.

The amount of proxies you’ll need will of course vary hugely depending on your scale and what you’re trying to achieve. Certainly if you’re going the mass automated route like using Bots to manage social media profiles or other platforms then you’ll need a considerable amount. For many people even internet marketers, then a few quality proxies will be more than sufficient.

So for example, I operate a reasonable size internet based business which does use software like Jarvee. I probably use more proxies than I genuinely need, but as one of life’s worriers the cost is worth it than taking any sort of risk. I generally stick with a couple of companies I’ve found by trial and error plus some recommendations. For example at the moment I’m mainly using a company called RotatingProxies who were recommended by the most successful Instagram Marketer I know. His accounts are valuable (way more than mine!) so I know he’d only use decent proxy services to manage them.

Free Proxies for Bots

If you’re using software then that’s where the temptation comes to go for bulk rather than quality, which is rarely a smart move. You might think that using an automated tool and spreading your account management over hundreds of IP addresses of unknown origin would be a safe move, well it isn’t. If something is very cheap or free it means that the cost to the supplier is negligible too, which usually means it’s either stolen or at least obtained from a dubious source.

Getting hold of legitimate residential IP address ranges is expensive however you go about it. Even renting these from other companies or providers costs a significant amount which obviously has to be recovered some way.

The reality is that there are an increasing number of companies providing proxy services which are basically running through hacked or stolen internet connections. As this story from the ZDNet explains –

A website offering both free and commercial proxy servers is actually running on top of a giant botnet of hacked WordPress sites, security researchers from Netlab, a network threat hunting unit of Chinese cyber-security giant Qihoo 360, have revealed.

In a report published today, Netlab researchers accused the Free-Socks.in proxy service of masquerading as a front for a criminal operation.

Researchers said that users who would use any of the proxy servers provided by the Free-Socks.in website would actually have their traffic funneled through a network of hacked WordPress sites spread all over the world.

NEW LINUX.NGIOWEB MALWARE USED TO BUILD PROXY BOTNET

These WordPress sites were hacked and infected with a web shell, which acted as a backdoor, and the Linux.Ngioweb malware, which acted as the proxy agent.

Netlab researchers looked closely at the Linux.Ngioweb malware because this was a new strain that had not been seen before. After analyzing it, they said that Linux.Ngioweb contained two separate command and control (C&C) servers.

The first one — named Stage-1 — was used to manage all the infected sites (bots). The second set of C&C servers — named Stage-2 servers — worked as backconnect proxies between the Free-Socks.in service and the infected sites, funnelling traffic from the service’s customers to the hacked WordPress sites, which then relayed it to its final destination.

Source: https://www.zdnet.com/article/free-proxy-service-found-running-on-top-of-2600-hacked-wordpress-sites/

This is alas the sort of place where free proxies are coming from, huge botnets spread by malware infecting clients and servers. The proxies in this story where in fact created in two stages –

  • malware infecting client PCs (to obtain residential IP addresses)
  • commercial WordPress sites hacked and used as backconnect proxies to control them

The malware is specifically designed to create a proxy based botnet from scratch, creating a huge pool of IP addresses for virtually no cost.  This is why they can be offered for no cost as no expenses are really incurred when stealing other people’s internet connections.

Here’s the company involved, obviously I don’t want to reward them with a link of any kind !

Free Proxies for Bots

It looks pretty legitimate, I’m sure you’d agree – nice friendly interface and lots of lovely free residential proxies – ahem ‘checked’ to see if they’re still available.  Which in this context means that they’re still riddled with malware and part of the botnet.   How tempting is it to fire up your Bot or favorite research tool and copy in a load of those free proxies!

Of course the minute  you do this, your routing your traffic (including probably passwords and account names) through a criminal network designed with one purpose – profit. So the risks are huge to your information, but also to any accounts you manage through these addresses.   Most of the IPs will eventually be flagged and will almost certainly be used for other criminal activities too.

At best you’re risking your own credentials but in reality you’ll be managing or accessing accounts using seriously blacklisted addresses. Anyone using these even completely innocently will look like a criminal. So expect to be completely locked out if you expect to use these as residential sneaker proxies for example. What’s more be prepared to get any associated payment details flagged too, although the botnet owners will probably have those cloned those pretty quickly anyway.

Sure using dedicated residential proxies from a reputable firm may seem expensive, but the costs of using free proxies for Bots or any sort of internet marketing is potentially huge!  Take it from me, anyone who is remotely successful would never touch any sort of free or cheap proxy setup.

 

Leave a Reply