The Justice Department and Dutch law enforcement have taken significant action against a pair of network providers that facilitated cybercrime, seizing the website infrastructure of 5socks and Anyproxy. These services, which have Russian ties, offered location- and identity-masking tools to cybercriminals, who used them to hide their identities and launch attacks without being detected.
FiveSocks, which claimed to have been operating since 2004, was a website that allowed users to purchase "elite anonymous proxies at affordable price" with cryptocurrency payments. The site offered access to over 7,000 proxy service offerings and could be navigated in Russian, indicating that Russian-speaking hacking groups relied on FiveSocks tooling to mask their exploits. The site's domain was registered to an address in Moscow, further highlighting its ties to Russia.
The proxies sold by FiveSocks ran on a botnet of compromised routers, which served as the backbone of the service. The botnet was built from hijacked, older-model wireless routers around the world and was designed to hide users' locations. Prosecutors believe that the defendants made over $46 million through these schemes.
Three Russian nationals — Alexey Chertkov, Kirill Morozov, and Aleksandr Shishkin — and Kazakhstani national Dmitriy Rubtsov were charged with operating the proxy services. These individuals are believed to have orchestrated the operation of the botnet and the sale of proxies to cybercriminals.