Dragging Out Dragons: Slaying Hidden Threats in Residential Networks
Christo Roberts
BSidesSF 2025 — Here Be Dragons · Day 1 · Main
Residential and mobile IP proxies — services that route malicious traffic through ordinary home internet connections and cell phones — are far harder to detect than datacenter proxies and are increasingly exploited by everyone from nation-state actors to script kiddies. Christo Roberts, a technical consultant at Cloudflare, breaks down how these proxy networks operate, why mobile IPs are the most potent weapon in an attacker's arsenal, and what defenders can realistically do to detect and mitigate them. ---
AI review
A solid operational overview of residential and mobile proxy threats, with useful detection technique layers and the proxy jacking case study being the most underreported finding in the talk. Roberts is candid about the limits of any single approach, which I respect, but the material reads more as a well-organized survey than original research.