Authorities within the Netherlands said they dismantled a botnet that comprised greater than 17 million devices and were managed by 200 servers in a joint operation by the police and the National Cyber Security Center.
The motion, announced Thursday, got here about after a security researcher reported the sprawling network to authorities. The host infrastructure was positioned within the Netherlands.
Used for criminal purposes
“The police then seized several botnet servers from a hosting provider for investigation,” the NCSC said. “The botnet was taken offline by the provider since it was used for criminal purposes.”
In line with a report Thursday by the NL Times, the botnet was linked to ASOCKS, a Russia-based company that gives residential proxy services. These services cater to people and organizations who wish to obscure their locations or identities by proxying their Web traffic through third-party devices. Proxy services are sometimes used for illicit or unethical purposes reminiscent of performing DDoS attacks, running botnet command-and-control servers, operating phishing operations, and scraping website content.
Ars was unable to independently confirm the NL Times report, however the claim checks out. Thursday’s NCSC post linked to a separate post that the nonprofit organization published a day earlier. That post, in turn, was updated so as to add a link to Thursday’s post. Wednesday’s post, headlined “Residential proxies and their major impact on digital security within the Netherlands,” warned: “Residential proxies are used to keep up anonymity and circumvent geographical restrictions. In this manner, a Dutch organization could be attacked with Dutch proxies which have similarities with ‘regular’ traffic, making cybercrime mitigation harder.”