July 2 (Reuters) – Alphabet’s Google said on Thursday it weakened a network of internet-connected devices being used to conceal and route malicious online traffic, acting against the NetNut residential proxy operator and the Popa botnet.
Google took action in partnership with the FBI and Lumen , among others.
The tech giant said it disabled accounts and services used in NetNut-related malware command-and-control operations and shared technical intelligence on the group’s infrastructure with law enforcement and industry partners to support broader enforcement efforts.
Residential proxy networks route internet traffic through consumer IP addresses, masking its origin and bypassing security defenses, a feature that, while having legitimate uses, is frequently exploited for cybercrime.
“We believe our coordinated actions have caused significant degradation to NetNut’s proxy network and its business operations, reducing the available pool of devices for the proxy operator by millions,” Google said in a blog.
NetNut’s parent, Israel-based web data provider Alarum Technologies, was informed of the seizure of some of its domains by the FBI on Thursday, the company told Reuters.
“Alarum takes this matter seriously and will fully cooperate with law enforcement to ensure any misuse of its infrastructure is thoroughly investigated and those responsible are held to account.”
Separately on the day, Bloomberg News reported that the FBI has been been examining potential links between NetNut and Popa for more than a year, citing documents seen and people familiar with the situation.
The investigation was one of several reviewed by officials from multiple federal law enforcement agencies during a Colorado meeting on proxy networks late last year, the report said.
The FBI did not immediately respond to a Reuters request for comment.
(Reporting by Juby Babu in Mexico City; Editing by Tasim Zahid and Sahal Muhammed)




Comments