Google, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of Devices

https://www.securityweek.com/wp-content/uploads/2023/02/Geopolitical-Cybersecurity-Insights.jpg

Google, the FBI, and other organizations coordinated in a joint effort to dismantle NetNut, a massive residential proxy network.

Also known as Popa, NetNut is believed to consist of more than 2 million Android devices such as smart TVs and streaming boxes, that have been infected through trojanized applications and malware such as Badbox 2.0.

The network’s operator, linked to the publicly-traded Israeli firm Alarum Technologies Ltd, rented the residential proxies to various threat actors, including cybercriminal and espionage groups.

In a single week in June, Google observed 316 distinct threat clusters using NetNut to hide their locations in password-spray attacks and to access victim environments.

“We believe our coordinated actions have caused significant degradation to NetNut’s proxy network and its business operations, reducing the available pool of devices for the proxy operator by millions,” Google said.

As part of the operation, the internet giant disabled Google accounts...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

Read more