Authorities in the Netherlands dismantled a botnet controlling more than 17 million devices through 200 servers. Police and the National Cyber Security Center coordinated the operation after a security researcher reported the network. The hosting infrastructure was located in the Netherlands. Police seized multiple botnet servers from a hosting provider for investigation. The provider took the botnet offline because it was used for criminal purposes. The botnet was reported to be linked to a Russia-based residential proxy provider, which can obscure locations and identities by routing traffic through third-party devices. Residential proxies are commonly used for DDoS attacks, phishing, botnet command-and-control, and web scraping. A related warning stated that residential proxies can help attackers use seemingly normal Dutch-like traffic, complicating mitigation.
"Authorities in the Netherlands said they dismantled a botnet that comprised more than 17 million devices and were managed by 200 servers in a joint operation by the police and the National Cyber Security Center."
""The police then seized several botnet servers from a hosting provider for investigation," the NCSC said. "The botnet was taken offline by the provider because it was used for criminal purposes.""
"According to a report Thursday by the NL Times, the botnet was linked to ASOCKS, a Russia-based company that provides residential proxy services. These services cater to people and organizations who want to obscure their locations or identities by proxying their Internet traffic through third-party devices."
""Residential proxies are used to maintain anonymity and circumvent geographical restrictions. In this way, a Dutch organization can be attacked with Dutch proxies that have similarities with 'regular' traffic, making cybercrime mitigation more difficult.""
Read at Ars Technica
Unable to calculate read time
Collection
[
|
...
]