Logo
News Ababil
Explore
SYS_NODE: ONLINE // Cyber Security

FBI Seizes NetNut Proxy Network Linked to Popa Botnet, Shutting Down Millions of Devices

DECRYPTED BY: Nova Stirling | TIMESTAMP: 2026-07-04 T 20:39:16 Z | [ 2 MIN READ ]
FBI Seizes NetNut Proxy Network Linked to Popa Botnet, Shutting Down Millions of Devices
2 Min Read
Share

The Federal Bureau of Investigation announced today, in coordination with industry partners, the seizure of more than ↓ 300 domains that powered the NetNut proxy service operated by Israeli‑listed Alarum Technologies (NASDAQ:ALAR).

NetNut proxy Tied to Popa Botnet of ↓ 2 million Compromised Devices

Security researchers from KrebsOnSecurity, Google Threat Intelligence Group and independent firms converged in mid‑June to link the residential‑proxy platform to the Popa botnet, a network of at least two million smart TVs, streaming boxes and other IoT gadgets infected without user consent.

The botnet converts these home devices into always‑on exit nodes that criminals rent to hide malicious traffic, fuel mass content scraping, advertising fraud and account‑takeover campaigns.

“Alarum takes this matter seriously and will fully cooperate with law enforcement,” said Omer Weiss, legal counsel for the NetNut parent, in a written statement.

Google’s GTIG reported observing 316 distinct threat‑actor clusters leveraging suspected NetNut exit nodes in a single week, ranging from cyber‑crime groups to state‑linked espionage units. The firm also disabled Google accounts used for command‑and‑control and removed apps bundling NetNut SDKs.

Industry allies including Reuters and Bloomberg were thanked for assistance in dismantling the infrastructure, which experts say will cripple the cyber‑crime ecosystem that surged after the earlier takedown of rival IPIDEA.

Analysts predict a short‑term shock to the residential‑proxy market, but warn that resilient operators may re‑brand or purchase capacity from competitors, keeping the threat alive.


Analysis by Nova Stirling (Aerospace & Space Tech Correspondent).

Global Data Feed

More from this Intel

U.S. Government Pays Kairos Data Theft Ransom of $1 Million

U.S. Government Pays Kairos Data Theft Ransom of $1 Million

Jul 04, 2026
FatFs vulnerabilities expose millions of embedded devices to attack

FatFs vulnerabilities expose millions of embedded devices to attack

Jul 04, 2026
NetNut proxy network crippled: Google‑led strike cuts off 2 million devices

NetNut proxy network crippled: Google‑led strike cuts off 2 million devices

Jul 04, 2026
Australia’s Cybercrime Risk Declines, but SMBs Shoulder New Burden

Australia’s Cybercrime Risk Declines, but SMBs Shoulder New Burden

Jul 03, 2026
PamStealer macOS malware: A stealthy two‑stage threat defying detection

PamStealer macOS malware: A stealthy two‑stage threat defying detection

Jul 03, 2026
FortiBleed Campaign Tied to Lynx Ransomware: Massive Credential Theft Unveiled

FortiBleed Campaign Tied to Lynx Ransomware: Massive Credential Theft Unveiled

Jul 02, 2026

Join The Elite

Get the top 0.1% global intelligence and market insights delivered directly to your inbox before the masses.

We respect your privacy. No spam.