
Dutch authorities announced that they have shut down a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, and carried out malicious attacks.
According to Dutch government regulations and the National Cyber Security Center (NCSC), the bot network consisted of at least 17 million infected devices. Over 200 servers located in the Netherlands served as the platform’s backend infrastructure.
According to a statement released by the NCSC, law enforcement authorities seized a subset of these servers from the hosting provider that provided the infrastructure. The provider allegedly took the botnet offline after it was used for criminal purposes.
Although the name of the botnet was not explicitly mentioned, local news outlet NL Times reported that the service in question was Asocks, a company that provides residential proxies. In April 2024, HUMAN’s Satori Threat Intelligence team identified a campaign called PROXYLIB that infected Android devices with LumiApps and Asocks proxyware.
According to details shared on the Asocks website, the platform promotes corporate, residential, and mobile proxies with monthly subscriptions ranging from $5 to $15, with discounts of 5 to 15% when purchasing 10 to 100 proxies in bulk.
Residential proxies have legitimate uses and privacy benefits, such as access to geo-restricted web resources. But the ecosystem also has a darker side: many providers serve malicious actors, who purchase access to compromised devices enrolled in these networks in order to route malicious traffic and carry out cyberattacks.
“If a device is accessed by malicious parties, it could become part of a botnet,” the NCSC said. “An attacker who gains access could install malware that allows them to remotely control the device, which could make it part of a network used for cybercriminal activity.”
To combat threats from botnet malware, we recommend keeping your operating system up to date, maintaining visibility into edge devices like routers, using strong passwords, enabling two-factor authentication whenever possible, installing apps from trusted sources, changing default passwords, and securing your Wi-Fi network with WPA2 or WPA3.
