NetNut cracked as Google and FBI target 2 million-device botnet


Tech companies working with US law enforcement “significantly degraded” the NetNut residential proxy network as part of an ongoing effort to disrupt the tools cybercriminals use to conceal their activity, say researchers.

The work was carried out by Google, Lumen, Shadowserver, the FBI, and others, and marks a continuation of the IPIDEA proxy network disruption from January.

According to Google Cloud, those working on the operation believe NetNut was among the most popular residential proxy network providers and had at least 2 million devices enrolled in its botnet, comprising mainly small TV-streaming hardware. Crims often use residential proxy networks to make it look like their traffic is actually coming from legit homes and businesses.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Russia labels Meta an ‘extremist’ organization, bans Instagram

    March 14, 2022

    Russia’s Investigative Committee, the nation’s peak criminal and anti-corruption investigation body, has opened a probe into whether Meta is an extremist organization. The move follows Meta’s decision last week to relax rules about exhortations to commit violence posted to its Facebook and Instagram properties – but only within Ukraine. Facebook’s president of global affairs, Nick Clegg, justified ...

  • NetWalker ransomware affiliate extradited to the US for further charges

    March 11, 2022

    The NetWalker ransomware gang affiliate who was sentenced to seven years in prison by Canadian courts at the end of January was extradited to the United States on Wednesday, where he will face further charges related to his participation in the gang. Sebastien Vachon-Desjardins, a Canadian citizen, received the Canadian prison sentence after he pleaded guilty ...

  • DOJ: Ukrainian ransomware suspect extradited from Poland to face charges in Texas

    March 10, 2022

    A Ukrainian national accused of a major ransomware attack will face charges in Texas after his extradition from Poland, the Justice Department announced Wednesday. Yaroslav Vasinskyi, 22, is charged with unleashing ransomware known as Sodinokibi/REvil against companies including Kaseya, a multi-national information software company, and demanding $70 million in ransom, according to his August 2021 indictment. REvil ...

  • ENISA: Incidents Handling and Cybercrime Investigations

    March 8, 2022

    The European Union Agency for Cybersecurity (ENISA) explores how CSIRTs, law enforcement agencies and the judiciary cooperate and how they can train together to better tackle cyber incidents and respond to cybercrime. The report published today facilitates the cooperation between CSIRTs and law enforcement agencies (LEAs) and looks into their interaction with the judiciary (judges and ...

  • Cybercrime: Dark web carding forum users are getting worried after a string of shutdowns

    February 18, 2022

    Cybercriminals are getting spooked by the sudden disappearance of a number of prominent dark web marketplaces, leading some to wonder if time is up on their illegal, underground activities. Cybersecurity researchers at Digital Shadows have analysed activity on carding forums – dark web marketplaces where criminals buy and sell stolen credit card information and other personal ...

  • Interpol: Policing model needs to change with cybercrime

    February 17, 2022

    The digitalisation of the global workforce in the face of a pandemic has led criminals to upgrade their working model, and now law enforcement must too. Interpol cybercrime director Craig Jones set forward this idea at Acronis’s CyberFit Summit in Singapore on Thursday, dispelling the stereotype of a lone threat actor in a hoodie hunched over ...