NetNut cracked as Google and FBI target 2 million-device botnet


Tech companies working with US law enforcement “significantly degraded” the NetNut residential proxy network as part of an ongoing effort to disrupt the tools cybercriminals use to conceal their activity, say researchers.

The work was carried out by Google, Lumen, Shadowserver, the FBI, and others, and marks a continuation of the IPIDEA proxy network disruption from January.

According to Google Cloud, those working on the operation believe NetNut was among the most popular residential proxy network providers and had at least 2 million devices enrolled in its botnet, comprising mainly small TV-streaming hardware. Crims often use residential proxy networks to make it look like their traffic is actually coming from legit homes and businesses.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • How Did the FBI Get a Tor User’s IP Address?

    January 12, 2023

    Polling the internet: what is the best way to de-anonymize a Tor user? Somebody over at the FBI definitely has a method, but they clearly aren’t planning on telling anybody anytime soon. Motherboard originally reported that the bureau has somehow managed to nab the IP address of an alleged criminal using Tor, short for “The Onion ...

  • A UN committee is struggling to define what cybercrime is in upcoming treaty

    January 10, 2023

    A United Nations committee – whose members include delegates from the U.S., China and Russia — is meeting throughout this week and next to continue negotiations for a new international cybercrime treaty. Why it matters: The finished UN cybercrime treaty will jumpstart a wave of new laws around the world based on the agreed-upon principles in ...

  • Freedom for MegaCortex ransomware victims – the fix is out

    January 6, 2023

    An international law enforcement effort has released a decryptor for victims of MegaCortex ransomware, widely used by cybercriminals to infect large corporations across 71 countries to the tune of more than $100 million in damages. The decryptor, built by Europol, cybersecurity firm Bitdefender, the NoMoreRansom Project, the Zürich Public Prosecutor’s Office and the Zürich Cantonal Police, ...

  • Sting op takes down 50 DDoS-for-hire domains

    December 15, 2022

    Police around the globe have seized as many as 50 internet domains said to be involved in tens of millions of distributed-denial-of-service (DDoS) attacks worldwide. Seven people were collared during the swoop. The so-called “booter” websites sold “some of the world’s leading DDoS-for-hire services,” allowing paying customers to launch these networking-flooding cyberattacks against chosen victims, according ...

  • Four suspects cuffed, face extradition to US over tax refund scam plot

    December 6, 2022

    Four men suspected of plotting to commit wire fraud and identity theft have been arrested and now face extradition to America. It is alleged they conspired to break into US companies’ servers, steal people’s personally identifiable information (PII), use that info to file fraudulent tax returns to Uncle Sam, and collect victims’ tax refunds. In newly unsealed ...