NetNut cracked as Google and FBI target 2 million-device botnet


Tech companies working with US law enforcement “significantly degraded” the NetNut residential proxy network as part of an ongoing effort to disrupt the tools cybercriminals use to conceal their activity, say researchers.

The work was carried out by Google, Lumen, Shadowserver, the FBI, and others, and marks a continuation of the IPIDEA proxy network disruption from January.

According to Google Cloud, those working on the operation believe NetNut was among the most popular residential proxy network providers and had at least 2 million devices enrolled in its botnet, comprising mainly small TV-streaming hardware. Crims often use residential proxy networks to make it look like their traffic is actually coming from legit homes and businesses.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Sri Lanka arrests over 230 Chinese in cybercrime raids

    October 15, 2024

    Sri Lankan police have arrested more than 230 Chinese men accused of targeting international banks in online scams, the foreign minister said on Tuesday (Oct 15), with help from security officials sent by Beijing. Vijitha Herath said police raids over the past week had also seized 250 computers and 500 mobile phones used in the alleged ...

  • U.S. Wiretap Systems Targeted in China-Linked Hack

    October 5, 2024

    A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests. For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data, according to ...

  • DHS: Cyber Cops Stopped 500 Ransomware Hacks Since 2021

    October 4, 2024

    A cybercrime-focused division of the US Department of Homeland Security says it has disrupted more than 500 ransomware attacks and seized billions of dollars in cryptocurrency since 2021. The ongoing effort from Homeland Security Investigations, which investigates cybercrime and illicit transnational activity, involves proactively notifying government agencies, companies and other potential victims that an extortion event ...

  • Northern Ireland police fined $1.29m over ‘serious’ data breach

    October 3, 2024

    Northern Ireland’s police authority was on Oct 3 fined £750,000 (S$1.29 million) over a data breach that saw the personal details of police and intelligence officers posted on a website. The identities of all 9,483 staff members of the Police Service of Northern Ireland (PSNI) were mistakenly published online on Aug 8, 2023, after a freedom ...

  • Russian Authorities Arrest 96 in Major Money Laundering Operation

    October 3, 2024

    In a coordinated effort against cybercrime-related money laundering, Russian authorities have made nearly 100 arrests in connection with an extensive criminal operation involving cryptocurrency exchanges and illegal financial activities. The arrests were part of a nationwide crackdown tied to the UAPS payment system and the Cryptex cryptocurrency exchanges, both of which have been linked to cybercriminals ...

  • UK unmasks LockBit ransomware affiliate as high-ranking hacker in Russia state-backed cybercrime gang

    October 1, 2024

    The U.K.’s National Crime Agency has linked a long-standing affiliate of the LockBit ransomware group to the notorious Russia-backed Evil Corp, a cybercrime gang with links to the Russian government. The NCA said on Tuesday that it had unmasked the LockBit affiliate, known as “Beverley,” as Russian national Aleksandr Ryzhenkov, who British authorities believe to be ...