SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Friday, January 30th, 2026: Residential Proxy Networks; Clowdbot/Moltbot Themed Malware; eScan Malicious Updates
12 snips
Jan 30, 2026 Coverage of a major takedown of a global residential proxy network and why such proxies are hard to block. Alerts about malicious VS Code extensions leveraging CloudBot/Moltbot news to deliver remote access tools. A supply-chain compromise at an antivirus vendor that pushed malicious updates and what was affected.
AI Snips
Chapters
Transcript
Episode notes
Residential Proxies Evade Detection
- Residential proxy networks use average home IP addresses that are hard to distinguish from normal traffic and frustrate defenders.
- Google took down management domains, but individual proxy installs likely remain active on users' machines.
Uninstall Unknown Proxy Software
- If you or someone you know installed proxy software, inspect and uninstall it to stop misuse of your IP.
- Remove volunteer proxy clients because their continued operation can support criminal activity.
Hype Drives Malware Distribution
- High-profile malware stories spawn copycat lures that impersonate current threats like CloudBot/MoltBot.
- Attackers weaponize hype to trick developers and spread new malware variants.