17 million strong botnet of compromised devices dismantled by Dutch authorities

News
By published

200 servers supporting the botnet were seized

Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
(Image credit: Getty Images)
  • Dutch NCSC and police dismantled a 17M‑device botnet by taking down 200 servers
  • Asocks, previously tied to free Android VPN apps and promoted on Russian hacking forums, offered residential proxies often abused by cybercriminals
  • Officials stress devices are assimilated via malware without consent

A major botnet comprising 17 million devices was just taken offline late last week.

The Dutch National Cyber Security Center (NCSC) announced the takedown on Thursday, saying that together with the local police force, it “took action” against 200 servers which acted as the supporting infrastructure for the botnet. The unnamed hosting provider running the servers took the botnet offline due to their involvement in criminal activities, it was said.

The NCSC did not say which botnet was terminated. The Hacker News, however, citing local news outlet NL Times, said the service in question was Asocks, allegedly a company providing residential proxy services. On the Asocks website it says the company provides corporate, residential, and mobile proxies, with prices ranging from $5 to $15.

Latest Videos From

Selling the stolen accounts

We last heard of Asocks approximately two years ago, when researchers found roughly two dozen free Android VPN apps assimilating devices into the botnet. At the time, security researchers from HUMAN’s Satori Intelligence Team said Asocks was a Russia-based residential proxy service provider, commonly promoted to cybercriminals on hacking forums.

Generally speaking, proxy services are not criminal - they have legitimate use-cases and various privacy benefits. However, cybercriminals often use them to mask their activities, and if the providers don’t act, then they’re considered criminal, too. Whether or not a proxy service is criminal also depends on how the devices were enrolled, since for illegal ones the devices are assimilated via malware and without their owners’ knowledge or consent.

"Devices can become part of a botnet when they are accessible to malicious actors," NCSC said. "After gaining access, attackers can install malware that allows the device to be controlled remotely. This enables the device to become part of a network used for cybercriminal activities."

Therefore, the best way to defend against botnet attacks is to keep your devices updated and protected with a strong password.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.