"Hackers Using Log4j Bug to Profit From Victim IP Addresses Through 'Proxyjacking' Scheme"
Dozens of companies charge customers to use a different Internet Protocol (IP) address for activities such as watching YouTube videos unavailable in their region, conducting unrestricted web scraping and browsing, or visiting websites without attributing the activity to their IP. It is known as proxyware, and it is sold globally by companies such as IPRoyal, Honeygain, and Peer2Profit. However, according to researchers from the digital security company Sysdig, cybercriminals have also shown interest in the concept. The researchers are bringing further attention to hackers taking over IP addresses and selling them without authorization. The new trend called "proxyjacking" involves hackers exploiting the Log4j flaw to gain initial access to a system or device before selling its IP information to proxyware services. In recent years, researchers at Cisco Talos Intelligence Group and AhnLab Security have identified attacks involving infected adware to take control of a user's device and use its IP address. Both companies compared it to cryptocurrency mining, where hackers mine cryptocurrency on compromised devices. According to Sysdig, proxyjacking may be more lucrative and easier to get away with because it requires significantly less computing power and energy. This article continues to discuss the proxyjacking scheme.