Dutch Authorities Dismantle Major Botnet of 17 Million Devices, Target Servers in Crackdown

In a significant victory against cybercrime, Dutch authorities have successfully dismantled a colossal botnet comprising at least 17 million infected devices. This extensive network included computers, tablets, smartphones, and Internet of Things (IoT) devices, all exploited to execute malicious activities.

The operation, spearheaded by the Dutch Politie and the National Cyber Security Center (NCSC), targeted over 200 servers located within the Netherlands that formed the backbone of this botnet. A portion of these servers was seized from a hosting provider, which subsequently took the botnet offline upon discovering its involvement in criminal operations.

While officials did not explicitly name the botnet, local media reports suggest it was associated with Asocks, a company offering residential proxy services. In April 2024, HUMAN’s Satori Threat Intelligence team identified a campaign named PROXYLIB, which involved Android devices infected with proxyware from LumiApps and Asocks.

Asocks’ platform advertised corporate, residential, and mobile proxies with monthly subscriptions ranging from $5 to $15, offering discounts for bulk purchases. Residential proxies have legitimate applications, such as accessing geographically restricted web content. However, this ecosystem is often exploited by malicious actors who purchase access to compromised devices within these networks to route harmful traffic and conduct cyberattacks.

The NCSC emphasized the ease with which devices can become part of a botnet when accessible to cybercriminals. Attackers can install malware that allows remote control, effectively enlisting the device into a network used for illicit activities.

To mitigate the risk of botnet infections, the NCSC recommends several preventive measures:

– Regularly Update Operating Systems: Keeping software up-to-date ensures vulnerabilities are patched promptly.

– Monitor Edge Devices: Maintain visibility over devices like routers to detect unauthorized access.

– Use Strong, Unique Passwords: Implement robust passwords and change default credentials on all devices.

– Enable Two-Factor Authentication (2FA): Adding an extra layer of security can prevent unauthorized access.

– Install Apps from Trusted Sources: Avoid downloading applications from unverified platforms to reduce malware risks.

– Secure Wi-Fi Networks: Utilize WPA2 or WPA3 encryption standards to protect wireless networks.

This takedown underscores the persistent threat posed by botnets and the importance of proactive cybersecurity measures. By adhering to best practices, individuals and organizations can significantly reduce the risk of their devices being co-opted into such malicious networks.