• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
RestorePrivacy

RestorePrivacy

Resources to stay safe and secure online

  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Skiff Mail Review
    • Runbox Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • NordVPN vs Surfshark
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact
  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Skiff Mail Review
    • Runbox Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • NordVPN vs Surfshark
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact

Widely Promoted Proxyware Platforms Put Users at Risk

February 8, 2023 By Heinrich Long — 6 Comments
Proxy Proxyware Platforms Put Users at Risk Malware

Network bandwidth-sharing applications, also known as “proxyware,” can pose grave security and legal risks to their users.

As security company Trend Micro explains in a report published recently, several prominent proxyware platforms that turn people’s computers into residential IP proxies for others to use do not generate income for the donors but for the developers.

Additionally, in many cases, they might expose users to malware infections and even put them in legal trouble due to someone using their IPs for illegal purposes.

Unfortunately, these proxyware platforms are promoted by many famous YouTubers and bloggers who don’t perform code vetting or process scrutiny, hence sending their audience to risky platforms.

Shiny Industry

Users of network bandwidth-sharing platforms are asked to download a client app and then let it run in the background at all times, giving away available bandwidth or sometimes processing resources to those in need while passing traffic through the user’s IP address.

Home page of Honeygain, a popular network bandwidth sharing platform

Residential IPs are valuable for routing network requests because they are considered trustworthy by network security tools that treat traffic originating from them as genuine. Datacenter IPs, on the other hand, often facilitate bot traffic and quickly find their place in blocklists.

Users sharing their connections get credits which can be exchanged for discounts on affiliated platforms or exchanged with cryptocurrency or fiat money.

In theory, it is a win-win situation, helping people make the most of their available bandwidth without getting charged extra by their ISP.

Looking Under the Hood

Trend Micro investigated the claims made by popular proxyware apps like HoneyGain, TraffMonitizer, Peer2Profit, PacketStream, and IPRoyal Pawns, all promising easy ways to make money.

The security researchers captured and examined traffic coming from the exit nodes of these platforms for a total of nine months in 2022, identifying several signs of suspicious activity.

A summary of what Trend Micro saw is given below:

  • Access to 3rd-party SMS and SMS PVA services – Honeygain, PacketStream
  • Accessing potential click-fraud or silent advertisement sites – Honeygain
  • SQL injection probing – Honeygain, PacketStream, IPRoyal Pawns
  • Attempts to access /etc/passwd and other security scans – Honeygain, PacketStream
  • Crawling government websites – Honeygain
  • Crawling of personally identifiable information (including national IDs and SSN) – IPRoyal Pawns
  • Bulk registration of social media accounts – IPRoyal Pawns

In addition to the above, the proxyware apps reviewed by Trend Micro often facilitated illegal activities such as bulk account registration for spamming and phishing, participation in click fraud operations, SQL injection attempts, government website crawling, and more.

Many of these activities are illegal in most countries and could put the owners of the residential IP addresses that appear as the source of that traffic in legal trouble.

Since these proxyware client apps do not allow users to monitor what kind of traffic goes through their IPs, the risk of finding trouble remains significant at all times.

Masked Proxyware

Trend Micro has also discovered a set of apps that do not promote themselves as passive income generators but install an SDK that turns the host into a proxy anyway.

Mention of the Globalhop SDK in the installer
Trend Micro

Obviously, any credits generated by these apps go to their authors and distributors, while the victims donate bandwidth without knowing it.

The malicious apps hiding proxyware inside them are:

  • Walliant, an automated wallpaper changer
  • Decacopy Clipboard Manager, a program designed to store users’ recent copy-pasted content
  • EasyAsVPN, unwanted software often installed by tricking users
  • Taskbar System, an app that changes the color of your taskbar
  • Relevant Knowledge, an adware
  • RestMinder, a clock software that reminds users to take a rest
  • Viewndow, software that keeps selected app window pinned
  • Saferternet, DNS based web-filtering software

Trend Micro reports that the proportion of legitimate to malicious traffic observed from the exit nodes of these apps is similar to that of the non-hidden proxyware platforms, so the same risks apply here.

For all the reasons discussed in this article, users are advised to steer clear from proxyware no matter who promotes it or what promises accompany these promotions. “Passive income” software, even the legitimate kind, may incur a lot more damage in a single day than the revenue it will generate over an extended period of time.

Related Articles:

  • Custom Tor Browser Promoted on YouTube Infects Users with Malware
  • Free VPN Services

About Heinrich Long

Heinrich is an associate editor for RestorePrivacy and veteran expert in the digital privacy field. He was born in a small town in the Midwest (USA) before setting sail for offshore destinations. Although he long chafed at the global loss of online privacy, after Edward Snowden’s revelations in 2013, Heinrich realized it was time to join the good fight for digital privacy rights. Heinrich enjoys traveling the world, while also keeping his location and digital tracks covered.

Reader Interactions

Comments

  1. Jan

    March 20, 2023

    My anti virus comes up with a message about this malware for repocket app when previously it didn’t have this issue. I’ve given the app 6 months on my computer and on my phone I’ve made precisely 25cents for 1gb of data, when i would pay much more than that if i was pay as you go it’s not worth it and to top if off with malware message on top I have now deleted this.

    Reply
  2. ambo hopskin

    February 11, 2023

    Who would be in his right mind to share his IP to people he doesn’t even know?

    Reply
    • BoBeX

      February 14, 2023

      Hi @ambo hopskin, the returns are so small it is not even worth the effort, it is only going to be people with access to internet connections, smart devices, PCs and who are also incentivised by small amounts of money.. Given many kids desperate for money to buy in game credits, participate in paid online surveys and sit and get paid to watch adds for small amounts of money, I am going to guess they are likely to be amongst the targeted persons. Kids are also more likely to be cyber naive and/or greater prepared to take risk and to be more likely to not foresee the consequences. GL,

      Reply
      • BoBeX

        February 14, 2023

        …Kids are also more likely to value gift cards (which is an option in many of these services / malware) to dodge the parents.
        Very worrying!

        Reply
  3. BoBeX

    February 8, 2023

    Hi RP Community,

    This is absolutely despicable behaviour by the developers and promoters.

    Out of curiosity I searched on YouTube for this activity. Searching for “Proxyware” returned results with warnings about the dangers, then in searching for “Passive income Apps” and yes there are channels dedicated to this activity, I only watched the top ranking result and yes the channel promoted “Honeygain, PacketStream, IPRoyal Pawns,” and yes the channel offered a $5.00 coupon to sign up.

    This is despicable and appalling. The channel noted that for each app you may only pay $1.00 per week (it varies depending on the app) but what they recommended was “app stacking” where the recommendation was to sign up for as many apps as possible.

    I don’t believe anyone who regularly reads RP would come close to falling for such schemes. They are targeting the vulnerable, the naive and financially desperate.

    The attention of consumer protection agencies in my jurisdiction, (I believe) would nail this as ‘predatory’ and ‘deceptive’ conduct; But they probably won’t until the victims pile up and the consequences reach scale.

    To the developers, this is just scummy malware with financial incentives for influences who gain promoting DIY malware.

    G.L. all,

    Reply
  4. Anonymous

    February 8, 2023

    A little crude . But hey . The government plays dirty , why cant we . Two wrongs make a right .

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Sidebar

Digital Privacy Essentials:
Secure Browser
Private Search Engines
Secure Email
Best Password Managers
Secure Messaging Services
Best Ad Blockers
Best VPN Services
Secure Cloud Storage

Privacy & Security Guides:
Privacy Tools
Alternatives to Google Products
Firefox Privacy Modifications
Five Eyes, 9 Eyes, 14 Eyes Spying
Browser Fingerprinting
Is Tor Safe?
Alternatives to Gmail
VPN vs Tor
Alternatives to WhatsApp
Is Your Antivirus Spying on You?
Controlling Communication Channels is Crucial for Privacy
Anonymity Networks: VPNs, Tor, and I2P
How to Really Be Anonymous Online
Private and Anonymous Payments

Secure Email Reviews:
ProtonMail Review
Tutanota Review
Mailfence Review
Mailbox.org Review
Hushmail Review
Posteo Review
Fastmail Review
Runbox Review
CTemplar Review
Temporary Email Services
Encrypted Email

Password Manager Reviews:
Bitwarden Review
LastPass Review
KeePass Review
NordPass Review
Dashlane Review
1Password Review
Best Password Managers

Secure Messaging App Reviews:
Wire Review
Signal Review
Threema Review
Telegram Review
Session Review
Wickr Review

Secure Cloud Storage Reviews
Tresorit Review
MEGA Cloud Review
Sync.com Review
Nextcloud Review
IDrive Review
pCloud Review
SpiderOak Review
NordLocker Review

How To Guides
How to Encrypt Files on Windows
How to Encrypt Email
How to Configure Windows 10 for Privacy
How to use Two-Factor Authentication (2FA)
How to Secure Your Android Device for Privacy
How to Secure Your Home Network
How to Protect Yourself Against Identity Theft
How to Unblock Websites
How to Fix WebRTC Leaks
How to Test Your VPN
How to Hide Your IP Address
How to Create Strong Passwords
How to Really Be Anonymous Online

About RestorePrivacy

Contact

Restore Privacy Checklist

  1. Secure browser: Modified Firefox or Brave
  2. VPN: NordVPN [63% Off Coupon] or Surfshark
  3. Ad blocker: uBlock Origin or AdGuard
  4. Secure email: Mailfence or Tutanota
  5. Secure Messenger: Signal or Threema
  6. Private search engine: MetaGer or Brave
  7. Password manager: NordPass or Bitwarden

About

RestorePrivacy is a digital privacy advocacy group committed to helping people stay safe and secure online. You can support this project through donations, purchasing items through our links (we may earn a commission at no extra cost to you), and sharing this information with others. See our mission here.

We’re available for Press and media inquiries here.

RestorePrivacy is also on Twitter

COPYRIGHT © 2023 RESTORE PRIVACY, LLC · PRIVACY POLICY · TERMS OF USE · CONTACT · SITEMAP