DOJ and Europol Dismantle SocksEscort Proxy Network, Seize $3.5M in Crypto
US and European law enforcement agencies have dismantled SocksEscort, a global paid proxy service that hid cybercriminals’ locations by infecting routers, computers and IoT devices with AVRecon malware. Investigators say the network compromised at least 369,000 devices across 163 countries and had roughly 124,000 registered users. Over about 15 years the service generated an estimated €5 million (~$5.7M) in revenue from customers who paid anonymously in cryptocurrency. Coordinated raids across multiple countries resulted in seizure of 34 domains, takedown of about 23–24 servers in seven to eight countries, and freezing of roughly $3.5 million in crypto funds. The multiagency operation involved the US Department of Justice, FBI (including Sacramento), IRS-CI, the Defense Criminal Investigative Service, Europol, Eurojust, and partner agencies in Austria, France, Germany, Hungary, the Netherlands, Romania and others, with technical support from Black Lotus Labs and the Shadowserver Foundation. Authorities recovered server infrastructure and user databases containing historical traffic records, which can help identify and prosecute users tied to crimes such as bank fraud and crypto account takeovers dating back to 2020; one victim in New York reported nearly $1M stolen. For crypto traders, the takedown highlights continued criminal use of cryptocurrency for anonymized payments and an increased regulatory and enforcement focus that may pressure privacy-preserving services and prompt exchanges to tighten compliance and transaction monitoring. Key terms: SocksEscort, proxy network, AVRecon, crypto seizure, law enforcement.
Neutral
The takedown targets a criminal infrastructure that used cryptocurrency for payments; it does not directly involve a specific tradeable token or network whose fundamental value would be altered. The immediate market reaction is likely to be muted for major crypto assets because the seized amount (~$3.5M) and estimated illicit revenue (~$5.7M) are small relative to total market liquidity. Short-term effects could include increased scrutiny by exchanges and higher compliance checks, which might temporarily reduce OTC or peer-to-peer flows for privacy-focused services. Mid-to-long-term, the action reinforces regulatory and enforcement risk that disproportionately affects privacy-preserving services and illicit-activity-associated venues, possibly reducing demand for services that enable anonymity. Overall, price impact on mainstream cryptocurrencies is likely neutral, while niche privacy tokens or services could face downward pressure from heightened regulatory enforcement and exchange delistings.