Masaryk University’s cybersecurity team warns against installing and using proxyware applications. At first glance, they may seem appealing, but in reality they pose a security risk, as they are actively abused for cyberattacks.
The use of proxyware applications is prohibited on the MU network because they are associated with security and legal risks. We are issuing this warning because we have detected several devices on the MU network being involved in DDoS attacks against organizations in the Czech Republic.
Proxyware applications (such as Honeygain or Repocket) “rent out” part of your internet connection to a third party in exchange for compensation. Once installed, they allow unknown individuals to use your device, your IP address, and your internet connection — but you are the one who bears the consequences. One of these may be the loss of access to Eduroam and EduVPN services at MU.
If you already have proxyware applications installed, uninstall them and scan your device with antivirus software. For security reasons, we strongly advise users not to use them even outside the MU network.
We also recommend:
Verifying the trustworthiness of applications and their publishers.
Checking application permissions and allowing only those that are necessary for the app to function.
Being cautious of promises of easy income, which often conceal security and legal risks.
If you are interested in the context, the terminology, or would like to better understand the reasons behind this warning.
Proxyware is an application (such as Honeygain or Repocket) that, in exchange for compensation, “rents out” part of your internet connection to a third party. Your device then acts as an intermediary, and third-party traffic appears under your IP address. This means that illegal activity (such as phishing or attacks against other services) may also be carried out through your connection, without your control.
Within Masaryk University’s Cybersecurity Team, we have detected several devices on the MU network being involved in DDoS attacks against organizations in the Czech Republic.
The source of these attacks were users who had installed proxyware applications on their devices. The prospect of a small financial reward thus enabled attackers to launch attacks through MU’s infrastructure while at the same time concealing their true identity.
Abuse of your device for attacks: your device may be used for DDoS attacks, malware distribution, or other malicious activity. To outside observers, the attack will appear to originate from you (or, within the MU network, from Masaryk University).
Risk to MU infrastructure: a device connected to the MU network may serve attackers as an entry point into the internal network and help them bypass security measures, including the firewall. Attackers could then target MU infrastructure directly.
Hidden functions and malware: an application from an untrustworthy publisher may contain malicious code or user-tracking tools. This can lead to the theft of sensitive data.
The use of proxyware applications is contrary to MU Directive No. 10/2017. This means that, in the event of a violation, you may lose access to Eduroam and EduVPN services at MU. Specifically, proxyware applications are in conflict with the Directive because they:
Violation of licence terms: the use of proxyware applications may also result in a breach of the terms of paid services and electronic resources accessible through the MU network, which may lead to further legal consequences.
Additional complications: illegal activity carried out through your IP address may be provisionally associated by law enforcement authorities with the user of that connection. You may therefore be asked to provide an explanation or cooperate with an investigation.
Proxyware applications pose a real risk. By using them, users lose control over the traffic routed through their devices. Please remember that their use is prohibited on the MU network.
You can always find everything important about cybersecurity at Masaryk University on https://security.muni.cz/en.
Masaryk University's cybersecurity team warns of a possible wave of DDoS (Distributed Denial of Service) attacks targeting the availability of websites and online services. This warning is primarily intended for system and service administrators.
Masaryk University's cybersecurity team warns of the risks associated with using DeepSeek's AI tools. Based on the warning NÚKIB, we do not recommend using DeepSeek's products - either for work or personal use. Entering information into language models (e.g., AI chatbot) can seriously compromise data in a university environment.
