Authorities in the Netherlands said they dismantled a botnet comprising more than 17 million devices and managed by 200 servers in a joint operation by police and the National Cyber Security Centre.
The action, announced on ThursdayIt emerged after a security researcher reported the expanding network to authorities. The host infrastructure was located in the Netherlands.
Used for criminal purposes.
“The police then confiscated several botnet servers from a hosting provider for investigation,” the NCSC said. “The vendor took the botnet offline because it was being used for criminal purposes.”
According to a report On Thursday, according to the NL Times, the botnet was linked to ASOCKS, a Russia-based company that provides residential proxy services. These services are aimed at people and organizations that want to hide their locations or identities by sending their Internet traffic through third-party devices. Proxy services are often used for illicit or unethical purposes, such as conducting DDoS attacks, running botnet command and control servers, performing phishing operations, and scraping content from websites.
Ars could not independently confirm the NL Times report, but the claim is correct. Thursday’s NCSC post linked to a separate post which the nonprofit organization posted a day earlier. That post, in turn, was updated to add a link to Thursday’s post. Wednesday’s post, titled “Residential proxies and their biggest impact on digital security in the Netherlands,” warned: “Residential proxies are used to maintain anonymity and bypass geographic restrictions. In this way, a Dutch organization can be attacked with Dutch proxies that have similarities to ‘normal’ traffic, making cybercrime mitigation difficult.”
