Dutch Authorities Dismantle Major Botnet with Millions of Infected Devices

Dutch law enforcement has successfully dismantled a botnet that compromised at least 17 million devices, including IoT products, to conduct cyber attacks.

Dutch authorities have announced the dismantling of a significant botnet that had taken control of millions of devices, including computers, smartphones, tablets, and IoT devices, for malicious activities. According to the Dutch Politie and the National Cyber Security Center (NCSC), this botnet comprised at least 17 million infected devices.

Details of the Operation

The operation involved the seizure of over 200 servers located in the Netherlands, which served as the backend infrastructure for the botnet. Following the intervention, the hosting provider responsible for these servers took the botnet offline due to its involvement in criminal activities. While the specific name of the botnet was not disclosed, local reports suggest it may be linked to Asocks, a provider of residential proxies.

Background on the Botnet

In April 2024, HUMAN’s Satori Threat Intelligence team identified a campaign known as PROXYLIB, which highlighted the use of infected Android devices running proxyware from LumiApps and Asocks. Asocks offers various proxy services, including corporate, residential, and mobile proxies, with subscription prices ranging from $5 to $15 per month. While residential proxies can have legitimate uses, they are also exploited by cybercriminals to route malicious traffic through compromised devices.

How Devices Become Infected

The NCSC explained that devices can be integrated into a botnet when they are accessible to malicious actors. Once attackers gain access, they can install malware that allows remote control of the device, effectively turning it into a part of a network used for cybercriminal activities. This highlights the importance of securing devices against unauthorized access.

Recommended Security Practices

To mitigate the risks associated with botnet malware, the NCSC advises users to keep their operating systems updated, maintain visibility of edge devices like routers, utilize strong passwords, enable two-factor authentication where possible, install applications from trusted sources, change default passwords, and secure Wi-Fi networks using WPA2 or WPA3.

This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.

NOVA-Δ
