NetNut cracked as Google and FBI target 2 million-device botnet


Tech companies working with US law enforcement “significantly degraded” the NetNut residential proxy network as part of an ongoing effort to disrupt the tools cybercriminals use to conceal their activity, say researchers.

The work was carried out by Google, Lumen, Shadowserver, the FBI, and others, and marks a continuation of the IPIDEA proxy network disruption from January.

According to Google Cloud, those working on the operation believe NetNut was among the most popular residential proxy network providers and had at least 2 million devices enrolled in its botnet, comprising mainly small TV-streaming hardware. Crims often use residential proxy networks to make it look like their traffic is actually coming from legit homes and businesses.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Europol: 106 arrested in a sting against online fraudsters

    September 20, 2021

    The Spanish National Police (Policía Nacional), supported by the Italian National Police (Polizia di Stato), Europol and Eurojust, dismantled an organised crime group linked to the Italian Mafia involved in online fraud, money laundering, drug trafficking and property crime. The suspects defrauded hundreds of victims through phishing attacks and other types of online fraud such as ...

  • U.S. to sanction crypto exchanges, wallets used by ransomware

    September 17, 2021

    The Biden administration is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware gangs to convert ransom payments into fiat money. With ransomware attacks against US interests and infrastructure escalating over the past two years, the White House has increased its efforts to disrupt ransomware operations Read more… Source: Bleeping Computer  

  • Former U.S. intel operatives to pay $1.6M for hacking for foreign govt

    September 15, 2021

    The U.S. government has entered a Deferred Prosecution Agreement (DPA) with three former intelligence operatives to resolve criminal charges relating to their offering of hacking services to a foreign government. Between 2016 and 2019, Marc Baier, Ryan Adams, and Daniel Gericke provided their services to a company that ran sophisticated hacking operations for the United Arab ...

  • Ukrainian man extradited to the US to face botnet, data theft charges

    September 10, 2021

    A Ukrainian man was arrested in Poland and extradited to the US to face charges as an alleged botnet operator. The US Department of Justice (DoJ) said this week that Glib Oleksandr Ivanov-Tolpintsev was taken into custody in Korczowa, Poland, on October 3 last year. As the US and Poland have an extradition treaty, the 28-year-old was ...

  • Ragnar Locker Gang Warns Victims Not to Call the FBI

    September 7, 2021

    All that the FBI/ransomware negotiators/investigators do is muck things up, so we’re going to publish your stuff if you call for help, the Ragnar Locker ransomware gang announced on its darknet data-leak site. In an announcement posted this week and seen by Bleeping Computer, the ransomware operators threatened to publish all the data of victimized organizations ...

  • FBI: OnePercent Group Ransomware targeted US orgs since Nov 2020

    August 23, 2021

    The Federal Bureau of Investigation (FBI) has shared info about a threat actor known as OnePercent Group that has been actively targeting US organizations since at least November 2020 as a ransomware affiliate. The US federal law enforcement agency shared indicators of compromise, tactics, techniques, and procedures (TTP), and mitigation measures in a flash alert published ...