The cybersecurity community has been abuzz with concern over a residential proxy network called DSLRoot, which has been paying individuals to host its hardware and software on their home networks. The company's business model has raised questions about the legitimacy of "legal botnets" and the potential for abuse.
What Happened
A Reddit user named Sacapoopie posted a question about their arrangement with DSLRoot, which pays them $250 per month to host devices in their home. The post sparked a lively discussion among cybersecurity enthusiasts, who expressed surprise that someone with top-secret security clearance would agree to let a residential proxy company introduce hardware into their network.
Sacapoopie described the equipment supplied by DSLRoot as "just two laptops hardwired into a modem," which then connects to a DSL port in the wall. The Redditor explained that they discovered the company and reached out after viewing an advertisement on a social media platform, and have since communicated with a technician from the company to troubleshoot connectivity issues.
Background and Context
DSLRoot is one of the oldest residential proxy networks, with origins in Russia and Eastern Europe. The company was formed in 2012 and is based in the Bahamas. It pays individuals in the United States to run its hardware and software on their home networks, renting out dedicated proxies to customers worldwide for $190 per month.
The GlobalSolutions account on BlackHatWorld lists a Telegram account and a WhatsApp number in Mexico, while DSLRoot's profile on digitalpoint.com shows that their previous username was "Incorptoday." DomainTools records show that instantvirtualcreditcards[.]com shared a host with just a handful of domains, including dslroot[.]com, regacard[.]com, and 4groot[.]com.
Intel 471 found that GlobalSolutions registered on BlackHatWorld in 2016 using the email address [email protected]. The user shared their birthday as March 7, 1984. Several negative reviews about DSLRoot noted that the service was operated by a BlackHatWorld user calling himself "USProxyKing."
Why It Matters to the Industry
The emergence of "legal botnets" raises concerns about the potential for abuse and the blurring of lines between legitimate network use and malicious activity. The use of residential proxy networks can be a legitimate way to anonymize traffic, but it also creates opportunities for malicious actors to exploit these services.
Lloyd Davies, founder of Infrawatch, reverse-engineered the software that powers DSLRoot's proxy service and found that it phones home to the domain proxysource[.]net. The software has capabilities to remotely control residential networking equipment across multiple vendor brands, using vendor-specific exploits and hardcoded administrative credentials.
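A defender's check for the phone-home behaviour Davies describes, as an added example that is not from the original article or from Infrawatch: it scans DNS resolver logs for lookups of proxysource[.]net or its subdomains and groups them by client. The dnsmasq query-log format, the sample lines, and all function names are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Phone-home domain reported on this page, kept defanged as published.
DEFANGED_IOCS = ["proxysource[.]net"]

# Constructed sample lines in dnsmasq "log-queries" style (not real traffic).
SAMPLE_LOG = """\
Aug 26 10:01:02 dnsmasq[411]: query[A] www.example.org from 192.168.1.20
Aug 26 10:01:05 dnsmasq[411]: query[A] api.PROXYSOURCE.net. from 192.168.1.50
Aug 26 10:01:09 dnsmasq[411]: query[AAAA] proxysource.net from 192.168.1.50
Aug 26 10:01:11 dnsmasq[411]: query[A] notproxysource.net from 192.168.1.20
Aug 26 10:01:15 dnsmasq[411]: query[A] proxysource.net.example.org from 192.168.1.21
Aug 26 10:01:20 dnsmasq[411]: reply proxysource.net is 203.0.113.7
"""

QUERY_RE = re.compile(
    r"query\[(?P<qtype>[A-Z0-9]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)"
)

def refang(indicator):
    """Turn a defanged indicator such as 'a[.]b' into a matchable domain."""
    return indicator.replace("[.]", ".").lower().strip(".")

def normalize(name):
    """Lower-case a queried name and drop the trailing root dot."""
    return name.lower().rstrip(".")

def matches(name, domain):
    """True for the domain itself or any subdomain, on a label boundary."""
    name = normalize(name)
    return name == domain or name.endswith("." + domain)

def find_phone_home(log_text, defanged_iocs=DEFANGED_IOCS):
    """Return {client_ip: [queried names]} for lookups of the listed domains."""
    domains = [refang(d) for d in defanged_iocs]
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue  # replies, forwards and unrelated lines are ignored
        if any(matches(m["name"], d) for d in domains):
            hits[m["client"]].append(normalize(m["name"]))
    return dict(hits)

if __name__ == "__main__":
    for client, names in find_phone_home(SAMPLE_LOG).items():
        print(f"{client} queried {sorted(set(names))} ({len(names)} lookups)")
```

Matching on a label boundary keeps lookalikes such as `notproxysource.net` and `proxysource.net.example.org` out of the results, so a hit points at a device on the network that is actually resolving the reported domain.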
Davies noted that the entire DSLRoot network now has fewer than 300 nodes nationwide, mostly systems on DSL providers like CenturyLink and Frontier. GlobalSolutions posted on BlackHatWorld saying they are restructuring their business model by downgrading to "DSL only" lines (no mobile or cable).
What Comes Next
The cybersecurity community is left wondering what the implications of this trend will be for the industry as a whole. As more residential proxy networks emerge, it's likely that we'll see an increase in the use of these services for malicious purposes.
Davies noted that the proliferation of residential proxy services has made it difficult for companies like DSLRoot to compete, leading them to downsize their operations. However, this also raises concerns about the potential for abuse and the need for greater regulation and oversight.
Key Facts
- DSLRoot is a residential proxy network that pays individuals to host its hardware and software on their home networks.
- The company has been paying $250 per month to Sacapoopie, a Reddit user with top-secret security clearance.
- GlobalSolutions registered on BlackHatWorld in 2016 using the email address [email protected].
- DomainTools records show that instantvirtualcreditcards[.]com shared a host with just a handful of domains, including dslroot[.]com and regacard[.]com.
- Lloyd Davies reverse-engineered the software that powers DSLRoot's proxy service and found capabilities to remotely control residential networking equipment.
- The entire DSLRoot network now has fewer than 300 nodes nationwide, mostly systems on DSL providers like CenturyLink and Frontier.