Dutch authorities said they destroyed a botnet that included more than 17 million devices and was managed by 200 servers in a joint operation between police and the National Cyber Security Centre.
The action, announced Thursday, came after a security researcher reported the spreading network to authorities. The host infrastructure was located in the Netherlands.
used for criminal purposes
“Police seized several botnet servers from a hosting provider for investigation,” the NCSC said. “The botnet was taken offline by the provider because it was used for criminal purposes.”
According to a Thursday report by NL Times, the botnet was linked to Russia-based company ASOCKS, which provides residential proxy services. These services serve people and organizations that want to obscure their location or identity by proxying their Internet traffic through third-party devices. Proxy services are often used for illegal or unethical purposes such as conducting DDoS attacks, running botnet command-and-control servers, conducting phishing operations, and scraping website content.
Ars was unable to independently confirm the NL Times report, but the claim is being investigated. Thursday’s NCSC post linked to a separate post the nonprofit published a day earlier. That post, in turn, was updated to add a link to Thursday’s post. Wednesday’s post, titled “Residential proxies and their major impact on digital security in the Netherlands”, warned: “Residential proxies are used to maintain anonymity and avoid geographical restrictions. In this way, a Dutch organization can be attacked with a Dutch proxy, which has similarities with ‘regular’ traffic, making cybercrime mitigation more difficult.”
<a href