HK Network-IPidea-ABCProxy alliance reshapes ransomware ecosystem operations
Threat Actor Meta
Summary
Hide ▲
Show ▼
Aisuru-linked proxy providers have consolidated under a HK Network umbrella, expanding the underground residential proxy resale market and making anonymous traffic routing easier to buy at scale. The shift matters because it turns infected consumer and IoT bandwidth into a more organized service layer for cybercrime abuse and large-scale scraping.
Related Happenings
Wang Duo Yu rebrands Smishing Triad into Lighthouse's subscription phishing-kit ecosystem
Threat Actor Meta
First: 12.11.2025 22:59
Last: 12.11.2025 22:59
Sources 1
About this happening:
**Wang Duo Yu** rebranded **Smishing Triad** as **Lighthouse**, converting the operation into a commercial **phishing-as-a-service** business that lowered the barrier for mass smi...
Wang Duo Yu rebrands Smishing Triad into Lighthouse's subscription phishing-kit ecosystem
Threat Actor MetaAbout this happening: **Wang Duo Yu** rebranded **Smishing Triad** as **Lighthouse**, converting the operation into a commercial **phishing-as-a-service** business that lowered the barrier for mass smi...
Cloudflare Radar Top Domains list redacts and hides Aisuru domains
Security Tool/Service
First: 06.11.2025 04:04
Last: 06.11.2025 04:04
Sources 1
About this happening:
**Cloudflare** redacted **Aisuru** domains from its **Top Domains** rankings after the botnet started gaming the public list and distorting trust signals. The update reduces the v...
Cloudflare Radar Top Domains list redacts and hides Aisuru domains
Security Tool/ServiceAbout this happening: **Cloudflare** redacted **Aisuru** domains from its **Top Domains** rankings after the botnet started gaming the public list and distorting trust signals. The update reduces the v...
Smishing Triad evolves into a multi-role phishing-as-a-service ecosystem
Threat Actor Meta
First: 24.10.2025 21:35
Last: 24.10.2025 21:35
Sources 1
About this happening:
**Smishing Triad** has evolved from a phishing-kit purveyor into a **multi-role phishing-as-a-service (PhaaS) ecosystem**, making its smishing operation more scalable and harder t...
Smishing Triad evolves into a multi-role phishing-as-a-service ecosystem
Threat Actor MetaAbout this happening: **Smishing Triad** has evolved from a phishing-kit purveyor into a **multi-role phishing-as-a-service (PhaaS) ecosystem**, making its smishing operation more scalable and harder t...
Aisuru botnet record-setting DDoS activity
Malware Activity
First: 10.10.2025 19:10
Last: 10.10.2025 19:10
Sources 1
About this happening:
**Aisuru** is a **TurboMirai-class IoT botnet** behind **record-setting DDoS activity** that has continued to scale through **2025**. Cloudflare said it mitigated **more than 1,30...
Aisuru botnet record-setting DDoS activity
Malware ActivityAbout this happening: **Aisuru** is a **TurboMirai-class IoT botnet** behind **record-setting DDoS activity** that has continued to scale through **2025**. Cloudflare said it mitigated **more than 1,30...
Latest development: 18.11.2025 10:17
Microsoft automatically detected and neutralized a 5.72 Tbps distributed denial-of-service attack against a single endpoint in Australia; the traffic came from the AISURU TurboMirai-class IoT botnet, used over 500,000 source IPs across various regions, and Microsoft said it was the largest DDoS attack ever observed in the cloud.
Timeline
-
29.10.2025 02:51 1 articles · 7mo ago
HK Network consolidates residential proxy brands
Campaign Scope UpdateResidential proxy providers tied to IPidea and related brands are described as operating under a corporate umbrella known as HK Network on cybercrime forums, with brands including ABCProxy, Roxlabs, LunaProxy, PIA S5 Proxy, PyProxy, 922Proxy, 360Proxy, IP2World, Cherry Proxy, and Yilu Proxy. The consolidation reflects a broader proxy-reseller ecosystem built to monetize bandwidth and make traffic harder to trace back to its original source.
Show sources
- Aisuru Botnet Shifts from DDoS to Residential Proxies — krebsonsecurity.com — 29.10.2025 02:51