Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks.
The bot network, per the Dutch Politie and the National Cyber Security Center (NCSC), consisted of at least 17 million infected devices. More than 200 servers located in the Netherlands acted as the platform’s backend infrastructure.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
According to a statement issued by the NCSC, police officials seized a subset of these servers from a hosting provider that provided the infrastructure. The provider is said to have subsequently taken the botnet offline following its use for criminal purposes.
Although the name of the botnet was not explicitly mentioned, local news outlet NL Times reported that the service in question was Asocks, a company that offers residential proxies. In April 2024, HUMAN’s Satori Threat Intelligence team identified a campaign dubbed PROXYLIB that involved infected Android devices with proxyware from LumiApps and Asocks.
Per details shared on Asocks’ website, the platform advertises corporate, residential, and mobile proxies for monthly subscriptions between $5 and $15, with 5-15% discounts for bulk purchases ranging from 10 to 100 proxies.
Residential proxies have legitimate uses and privacy benefits, including to access geographically-restricted web resources. However, the ecosystem is also shadowy, with many providers catering to bad actors who purchase access to compromised devices enrolled in these networks to route malicious traffic and carry out cyber attacks.
“Devices can become part of a botnet when they are accessible to malicious actors,” NCSC said. “After gaining access, attackers can install malware that allows the device to be controlled remotely. This enables the device to become part of a network used for cybercriminal activities.”
To counter the threat posed by botnet malware, it’s advised to keep the operating systems up-to-date, maintain visibility of edge devices like routers, use strong passwords, enable two-factor authentication wherever possible, install apps from trusted sources, change default passwords, and secure Wi-Fi networks with WPA2 or WPA3.
Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
Some parts of this article are sourced from:
thehackernews.com
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation