Smokeproxy - Security Investigation VPN

Smokeproxy is an invisibility cloak for your security team. It’s a specialised VPN proxy service that helps you carry out more successful malware analysis and fraud investigations.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

A specialised VPN proxy service purpose-built for security teams in Australia and New Zealand.

As infosec professionals, we built Smokeproxy because we got tired of trying to conduct critical malware analysis and fraud investigations using VPNs built with a single use-case in mind: streaming another country’s Netflix shows.

The IP addresses used by cheap commercial VPNs generate suspicion because they’re well known to criminals. Once a fraudster suspects they’re being investigated, they’ll do everything they can to block your efforts. Worst of all, they’ll know exactly how to evade your investigation next time.

Some security teams try to cover their tracks by using an AWS EC2 box, but fraudsters are actively looking for this. A connection coming from a datacentre and a connection from a potential victim look very different. Because this is such a common pattern for investigations, fraudsters can easily automate a response to this, including blocking traffic that looks like it’s coming from an AWS box. Once this happens, investigation is almost impossible.

Mass-market VPNs and other workarounds can end up compromising the effectiveness of your malware analysis and investigations. They’re just not worth it.

What if you could carry out malware analysis and fraud investigations all while looking exactly like a potential victim?

  • Smokeproxy gives you a rotating bank of IP addresses from Australia and New Zealand. These IP addresses are totally unknown to fraudsters. When using Smokeproxy, your IP address will be indistinguishable from the IP addresses of potential victims. You’ll be assigned a fresh, location-appropriate IP address whenever you need it.
  • Connections look like 4G mobile connections from major Australasian networks. Investigate phishing sites while disguised as a mobile connection coming from a major population hub in Australia. Smokeproxy uses major consumer networks like Telstra, Optus and Vodafone, exactly like potential scam victims. There’s no easy way for criminals to know that you’re on their case.
  • We keep your activity private. Mass-market VPNs are known to keep logs of user activity, which may include logs of your investigations. Smokeproxy doesn’t store logs of your activity on our servers, keeping your investigation private and reducing the risk of a data breach.
  • Automated IP rotation. Smokeproxy handles IP rotation for you, meaning you’ll never risk alerting criminals because you forgot to manually rotate your IP address.
  • We configure and maintain Smokeproxy for you. We’ll get Smokeproxy up and running whether you need it for a single machine or a dedicated fleet of malware sandboxes.

The right tool for the job.

In our experience, cheap mass-market VPNs end up being deceptively expensive. Fewer successful investigations means higher fraud losses and greater reputational risk.

Using Smokeproxy gives your security team the best possible chance of remaining undetected and preserving OPSEC while conducting malware analysis and fraud investigations. This leads to more successful investigations, and a better security response.