NetNut cracked as Google and FBI target 2 million-device botnet


Tech companies working with US law enforcement “significantly degraded” the NetNut residential proxy network as part of an ongoing effort to disrupt the tools cybercriminals use to conceal their activity, say researchers.

The work was carried out by Google, Lumen, Shadowserver, the FBI, and others, and marks a continuation of the IPIDEA proxy network disruption from January.

According to Google Cloud, those working on the operation believe NetNut was among the most popular residential proxy network providers and had at least 2 million devices enrolled in its botnet, comprising mainly small TV-streaming hardware. Crims often use residential proxy networks to make it look like their traffic is actually coming from legit homes and businesses.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • “Major” cyberattack compromised sensitive U.S. Marshals Service data

    February 28, 2023

    The U.S. Marshals Service is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations. The cyberattack was considered a “major incident” by officials, impacting a “stand-alone” system (meaning it is not connected to a larger ...

  • Dutch Police arrest three ransomware actors extorting €2.5 million

    February 24, 2023

    The Amsterdam cybercrime police team has arrested three men for ransomware activity that generated €2.5 million from extorting small and large organizations in multiple countries. The suspects, all young men aged between 18 and 21, are charged with stealing sensitive data from victim networks and demanding a ransom. It is believed that they attacked thousands of ...

  • Russian malware dev behind NLBrute hacking tool extradited to US

    February 23, 2023

    A Russian malware developer accused of creating and selling the NLBrute password-cracking tool was extradited to the United States after being arrested in the Republic of Georgia last year on October 4. Also known as dpxaker, Dariy Pankov is now charged with access device fraud and computer fraud and faces a maximum sentence of 47 years ...

  • FBI tackles ‘isolated’ IT security breach

    February 17, 2023

    The FBI claims it has dealt with a cybersecurity “incident” that reportedly involved computer systems being used to investigate child sexual exploitation. “The FBI is aware of the incident and is working to gain additional information,” a spokesperson said in a statement to The Register. “This is an isolated incident that has been contained. As this ...

  • UK cracks down on ransomware actors

    February 9, 2023

    Seven Russian nationals have assets frozen and travel bans imposed ransomware is a tier 1 national security threat, with attacks against businesses and public sector organisations increasingly common. Recent victims include UK schools, local authorities and firms – whilst internationally the Irish Health Service Executive, Costa Rican government and American healthcare providers were targeted new campaign of ...

  • Darknet Marketplace Revenue Plummets After Hydra Raid

    February 9, 2023

    Revenue at dark web illicit marketplaces plunged in 2022 following seizure by U.S. and German police last spring of what was then the world’s largest online bazaar for illegal goods and services. The April shutdown of the Russian-speaking Hydra Market sent the illicit world of Russian-language darknet markets into a tailspin that cut overall revenue for ...