The takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, for malicious attacks has been announced by Dutch authorities.
The bot network, as per the Dutch Politie and the National Cyber Security Center (NCSC), was comprised of at least 17 million infected devices, with over 200 servers in the Netherlands acting as the backend infrastructure.
Following a statement issued by the NCSC, a subset of servers was seized by police officials from a hosting provider, leading to the provider taking the botnet offline due to its criminal use.
Although not explicitly named, local news outlet NL Times reported that the service in question was Asocks, a company offering residential proxies. In April 2024, HUMAN’s Satori Threat Intelligence team identified a campaign involving infected Android devices with proxyware from LumiApps and Asocks.
Details on Asocks’ website show that the platform offers corporate, residential, and mobile proxies for monthly subscriptions between $5 and $15, with discounts for bulk purchases.
Residential proxies have legitimate uses but also cater to bad actors who exploit compromised devices for cyber attacks, highlighting the importance of maintaining device security.
To combat botnet malware, it is recommended to keep operating systems updated, secure edge devices, use strong passwords and two-factor authentication, download apps from trusted sources, change default passwords, and secure Wi-Fi networks.
