Think Twice About Using Free Proxies

We all like free, don’t we? After all, why pay for something that you can get for nothing? It’s a totally logical argument. However, as you get older and hopefully a little wiser, further questions start to impinge on this philosophy. The most important question you can ask yourself is: why is this thing free? Why are people expending time, money and effort to provide something to me for no gain whatsoever? The answers are often quite straightforward, but in many situations there does seem to be no logical reason.

However, as far as free proxies go, there are usually many possible explanations. It’s useful to have an idea about these before you think of using them:

  • Accidental – in a world where everything seems to be connected to the internet, there are plenty of ‘accidental proxies’ around. The reasons vary, but it usually comes down to a server accidentally left open to the internet somewhere, often by an inexperienced IT technician or someone who really doesn’t know what they’re doing. You’ll also often find proxies installed on home connections via malware, rogue applications or someone who’s not that experienced in IT. The possibilities are endless, and some of these ‘accidental proxies’ can even sit on high-powered corporate or educational networks. Whether you use them is often a matter of considering the legal and moral responsibilities of doing so.
  • Profit Making (legal) – just because a proxy server looks like it’s free doesn’t mean that’s the case. Many free services and software that you find online have hidden costs which are often difficult to spot. For example, many popular free VPN services actually use some of your internet connection as payment in kind, which they then resell. This model also extends to many ‘free apps’ you’ll find online; remember, everything has some sort of cost. Free proxies typically rely on injecting adverts into your browsing, which generates income; it can be quite a lucrative way to provide ‘free proxies’.
  • Profit Making (illegal) – substantial profits can be made using the slightly sneakier, but usually legal, method of reselling or spamming you with adverts. However, there is a method of using free proxies to make much larger gains: using them to gain access to your computer and steal personal data and credentials. Indeed, you can add reselling bandwidth to this, just to complete the information nightmare.

None of these options is entirely enticing, and all of them carry a substantial risk to your personal information and your computer. Additionally, the first category, ‘accidental’, will often change into one of the other two categories as some enterprising cyber criminal takes it over without too much difficulty.

How Can Free Proxies Steal Your Information?

Using proxies is hugely attractive to cyber criminals because literally thousands of computers can be attacked very quickly. When using any proxy you are basically creating a trusted tunnel between you and the proxy server. You are ‘trusting it’ to act as a simple forwarder that sends and receives data on your behalf; unfortunately, you’ll probably be unaware if it doesn’t do this.

This is worth a read: Why are Free Proxies Free, a pretty old post which alarmed a lot of people when it was first published but is still very relevant today. It’s basically an example of how to set up a free proxy which can be used to generate income from unsuspecting users and, worryingly, it’s pretty straightforward.

  1. [Server] Install Squid on a Linux server
  2. [Payload] Modify the server so all transmitted JavaScript files will get one extra piece of code that does things like send all data entered in forms to your server
  3. [Cache] Set the caching time of the modified .js files as high as possible

The method was actually demonstrated in a previous Defcon presentation by Chema Alonso; however, in that case it was used to track and detect the spammers and hackers themselves. In his proof of concept experiment, he was able to ‘infect’ over 5000 users in a few days. You can imagine the potential rewards for anyone stealing from each of those individuals, whether it was just their credentials or money, or both. This is probably a conservative estimate of infected numbers too, because if you enabled the proxy on one of the many popular proxy lists you’d surpass that number, I’m sure.

Doesn’t look like much work, does it? In practical terms the proxy would be forcing your computer to load an infected JavaScript file which can do all manner of sneaky things to your computer and data. It could certainly be used to harvest all your account credentials like usernames and passwords. Your bank accounts, credit cards and things like PayPal accounts would be at the top of the list too.

Indeed, it could actually go much further and take control of your computer and enroll it in any manner of botnets. Your computer might just seem slow one evening, but it might actually be involved in a DDoS attack on some web server without your knowledge. Or perhaps your computer could be used as a storage facility for illegal pornography! None of this is good, obviously, and unfortunately these are not obscure and unlikely risks but very real ones.
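
A defender can check for the script rewriting and cache extension described in steps 2 and 3 above by fetching the same .js file once directly and once through the proxy, then comparing the two responses. The Python below is an added example, not code from the original post or the Defcon presentation; the sample responses and all function names are constructed for illustration.

```python
import base64
import hashlib
import re

def sri_digest(body: bytes, alg: str = "sha384") -> str:
    """Digest in Subresource Integrity form: '<alg>-<base64 of hash>'."""
    return f"{alg}-{base64.b64encode(hashlib.new(alg, body).digest()).decode()}"

def max_age(headers: dict) -> int:
    """Seconds from Cache-Control max-age; 0 when the directive is absent."""
    value = next((v for k, v in headers.items() if k.lower() == "cache-control"), "")
    m = re.search(r"max-age=(\d+)", value, re.I)
    return int(m.group(1)) if m else 0

def compare_fetches(direct: dict, proxied: dict) -> list:
    """Return (code, detail) findings for one script fetched both ways."""
    findings = []
    want, got = sri_digest(direct["body"]), sri_digest(proxied["body"])
    if want != got:
        findings.append(("body-modified", f"expected {want}, got {got}"))
        # The page's step 2 adds code to the file, so check for a pure append.
        if proxied["body"].startswith(direct["body"]):
            extra = len(proxied["body"]) - len(direct["body"])
            findings.append(("bytes-appended", extra))
    # The page's step 3 raises the cache lifetime of the modified file.
    d_age, p_age = max_age(direct["headers"]), max_age(proxied["headers"])
    if p_age > d_age:
        findings.append(("cache-extended", f"max-age {d_age}s -> {p_age}s"))
    return findings

# Constructed sample data: the same script as served by the origin and as
# relayed by a proxy that appended bytes and raised the cache lifetime.
ORIGIN = {
    "headers": {"Cache-Control": "public, max-age=3600"},
    "body": b"function validate(form) { return form.checkValidity(); }\n",
}
APPENDED = b"/* constructed stand-in for code added in transit */\n"
VIA_PROXY = {
    "headers": {"cache-control": "public, max-age=315360000"},
    "body": ORIGIN["body"] + APPENDED,
}

if __name__ == "__main__":
    for code, detail in compare_fetches(ORIGIN, VIA_PROXY):
        print(code, detail)
```

The direct copy must come from a network path that does not pass through the proxy under test; otherwise both responses carry the same changes and compare as equal.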