ProxySmart Software Powers Global SIM Farm Cybercrime Operations

Severity: High (Score: 70.5)

Sources: Infosecurity-Magazine, infrawatch.com, Cybersecuritynews, Feeds2.Feedburner

Summary

Infrawatch's investigation reveals that ProxySmart, a Belarus-based software platform, is enabling the operation of 87 SIM farms across 17 countries, including 94 locations in the U.S., Europe, and South America. These SIM farms facilitate various cybercrime activities such as smishing, premium-rate fraud, and bot sign-ups, leveraging a control panel that allows for automated IP rotation and device management. The platform is marketed as a 'SIM Farm as a Service,' lowering the technical barriers for operators. The U.S. Secret Service and Europol have previously dismantled similar operations, highlighting the ongoing threat posed by such infrastructures. ProxySmart's capabilities include remote device control and network fingerprint spoofing, making it a significant tool for cybercriminals. The investigation indicates a lack of meaningful KYC processes, making these services accessible to a wide range of users. The findings emphasize the need for heightened awareness and action against this growing cybercrime ecosystem. Key Points: • ProxySmart powers 87 SIM farms across 17 countries, facilitating large-scale cybercrime. • The platform enables automated IP rotation and device management, lowering entry barriers for operators. • Previous law enforcement actions have targeted similar infrastructures, indicating a persistent threat.

Key Entities

• Phishing (attack_type)
• Australia (country)
• Belarus (country)
• Brazil (country)
• Canada (country)
• China (country)
• Android (platform)
• IOS (platform)
• MacOS (platform)
• Windows (platform)
• OpenVPN (platform)
• ProxySmart (tool)
• Python (tool)
• HTTP Proxies (tool)
• ModemManager (tool)
• P0f (tool)
• 739f22524fb0fbb64d9bd8bd9e54df73e17abbe8807ca6df350f69078e4bf164 (sha256)
• a644971c559002e70e6adef6a887f236045d9e37448ff0fe9d187767f779ac42 (sha256)