Tech companies working with US law enforcement “significantly degraded” the NetNut residential proxy network as part of an ongoing effort to disrupt the tools cybercriminals use to conceal their activity, say researchers.
The work was carried out by Google, Lumen, Shadowserver, the FBI, and others, and marks a continuation of the IPIDEA proxy network disruption from January.
According to Google Cloud, those working on the operation believe NetNut was among the most popular residential proxy network providers and had at least 2 million devices enrolled in its botnet, comprising mainly small TV-streaming hardware. Crims often use residential proxy networks to make it look like their traffic is actually coming from legit homes and businesses.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Major data leak forum dismantled in global action against cybercrime forum
March 4, 2026
A major online forum for stolen data has been dismantled following an international operation coordinated by Europol. The forum, known as LeakBase, had established itself as a central hub in the cybercrime ecosystem, specialising in the trade of leaked databases and so-called “stealer logs” – archives of stolen credentials harvested through infostealer malware. Accessible on the ...
- Europol, Microsoft, TrendAI and Collaborators Halt Tycoon 2FA Operations
March 4, 2026
Researchers from TrendAI have been tracking the infrastructure, as well as the campaigns and operator behaviors that can be linked to Tycoon 2FA to build a clearer picture of how its services was being used at scale. By November 2025, TrendAI had collected enough data to link the operation to an actor using the monikers “SaaadFridi” ...
- Russia: Over 200 people involved in SIM box operations detained since September 2025
March 2, 2026
The Federal Security Service (FSB), the Interior Ministry, and the Investigative Committee of Russia have uncovered and disrupted 100 illegal communication channels used by Ukrainian intelligence services to involve Russians in sabotage and terrorism since September 1, 2025, with over 200 people involved in running SIM boxes detained across 43 Russian regions. “As a result <…> ...
- Ukrainian gets five years for helping North Koreans secure US tech jobs
February 20, 2026
Ukrainian national Oleksandr Didenko will spend the next five years behind bars in the US for his involvement in helping North Korean IT workers secure fraudulent employment. The 29-year-old played a role in supporting individuals working for a hostile regime to get contracts in the US. In November 2025, Didenko pleaded guilty to wire fraud and ...
- Chinese hack exposes data of 5,000 Italian counterterrorism officers
February 18, 2026
Personal data of roughly 5,000 Italian Digos officers — including names, roles and postings — was reportedly obtained by hackers linked to China after a cyber intrusion into the Interior Ministry’s network between 2024 and 2025. The breach potentially exposes officers involved in counterterrorism and monitoring Chinese dissidents, raising serious national security concerns and complicating Italy’s ...
- US Department of Homeland Security reportedly sent hundreds of subpoenas seeking to unmask anti-ICE accounts
February 14, 2026
The Department of Homeland Security has been increasing pressure on tech companies to identify the owners of social media accounts that criticize Immigration and Customs Enforcement (ICE), according to The New York Times. This echoes other recent reporting, with Bloomberg pointing to five cases in which Homeland Security sought to identify the owners of anonymous Instagram ...

