DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

International cybercrime tackled: Amsterdam police and FBI dismantle proxy service Anyproxy

Posted on May 13, 2025 by Dissent

In a large-scale international investigation, the Amsterdam police, led by the Public Prosecution Service, and the American FBI have taken down the criminal proxy service Anyproxy. This service had been used by cybercriminals since 2004 to anonymously commit criminal acts, including phishing, ransomware attacks and data theft.

Moonlander seizure notice posted by the U.S. Attorney’s Office for the Northern District of Oklahoma, the FBI, and Dutch National Police.

Anyproxy has been used to shut down networks worldwide, steal large sums of money and steal sensitive data – while the perpetrators have remained out of sight. The longevity of the service and the millions of euros in damage it has caused underscore the importance of this action in preventing large-scale cyberattacks.

What is a proxy service?

A proxy service acts as an intermediary on the internet and hides the user’s real IP address. This makes the internet traffic appear to come from another device, for example a router in a Dutch household. Cybercriminals abuse these types of routers, often outdated devices without security updates (so-called “end-of-life” equipment), and then offer them for rent via underground marketplaces – only against anonymous payment in crypto currency. This makes it difficult to track down perpetrators.

While proxy services themselves are not illegal – many companies use them for privacy protection or access to blocked content – ​​they are also abused by criminals to cover their tracks.

International research

The investigation began after the Amsterdam police discovered that a Dutch citizen’s IP address was being misused for digital fraud. This led to the discovery that cybercriminals were gaining access to outdated routers of legitimate internet connections via Anyproxy, which helped them remain undetected.

Anyproxy was responsible for over 6,000 abused IP addresses, many of which were in the United States, according to police investigations. The police then decided to collaborate with the FBI under the name ‘Operation Moonlander’.

Dismantling criminal infrastructure

The Netherlands has one of the best connected digital infrastructures in the world. Especially in and around Amsterdam there are about sixty data centers. These data centers appear – due to the open nature of the market and lack of supervision of hosting services – to be an important base for illegal practices. The police investigation has shown that part of Anyproxy is hosted in the Netherlands.

On Wednesday, May 7, servers of Anyproxy and other affiliated proxy services were seized and taken offline worldwide. This action marks a major step in the fight against organized cybercrime, dismantling a crucial digital infrastructure of criminals.

Do the check yourself – is your router safe?

It turns out that thousands of old routers worldwide that no longer receive updates are being abused without their owners’ knowledge as digital cover for criminal activities such as phishing and ransomware attacks. Outdated routers are an attractive target for cybercriminals. It is important to check whether your router is still supported and whether you receive regular security updates. If you do not receive them, it is time to replace your router. If your router is hacked, this can lead to slower internet, unreliable connections or even the loss of personal data. Cybercriminals can gain access to your network and infect your devices with malware. So make sure that your router is always up to date and well secured.

Check via https://veiliginternetten.nl/doe-je-updates/ whether your equipment is vulnerable. Companies can go to https://www.ncsc.nl/documenten/publicaties/2019/mei/01/zicht-op-risicos-van-legacysystemen

Need for stricter legislation

With this operation, the Netherlands is sending a strong signal: our digital infrastructure must not be a safe haven for criminals. Better legislation is necessary to achieve structural effect. A clear appeal has already been made to the cabinet from the Amsterdam Triangle, including for the introduction of a mandatory Know-Your-Customer (KYC) policy and the banning of anonymous crypto payments.

American Justice

The US Department of Justice has charged three Russians and a Kazakh national for their roles in the criminal proxy services Anyproxy and 5socks.

For more information, see:

https://www.justice.gov/usao-ndok/pr/botnet-dismantled-international-operation-russian-and-kazakhstani-administrators
https://x.com/FBI/status/1920237529204166742?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Etweet
https://x.com/FBI/status/1920222337653145618?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Etweet

Source: Politie.NL

No related posts.

Category: Miscellaneous

Post navigation

← Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
Personal information exposed by Australian Human Rights Commission data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Chinese hackers suspected in breach of powerful DC law firm
  • Qilin Emerged as The Most Active Group, Exploiting Unpatched Fortinet Vulnerabilities
  • CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
  • McDonald’s McHire leak involving ‘123456’ admin password exposes 64 million applicant chat records
  • Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach.
  • Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed; UK customers also affected (1)
  • Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident
  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report