Google and FBI Disrupt Major Proxy Network Exploiting Consumer Devices for Cybercrime

July 3, 2026
Google and FBI Disrupt Major Proxy Network Exploiting Consumer Devices for Cybercrime
  • Google, in coordination with the FBI and Lumen, disrupted the NetNut residential proxy network that had been used to support malware operations, significantly degrading its proxy pool and backend infrastructure.

  • The operation removed millions of available devices from NetNut’s network, disabled related C&C accounts, and disrupted backend services to curb the illicit activity.

  • Authorities shared technical intelligence with law enforcement and industry partners to support broader enforcement efforts and to map the ecosystem for future takedowns.

  • Analyses highlight how smart TVs, streaming boxes, and other consumer devices can be exploited or bundled with proxy SDKs, underscoring consumer risk and the importance of trusted devices.

  • Experts warn that proxy networks can rebound by reselling capacity or shifting to other providers, creating ongoing disruption challenges.

  • Residential proxies are legal in principle but are frequently abused for obfuscation, posing risks to home networks when SDKs and monetization schemes are pushed to users.

  • Regulators call for a long-term strategy involving ISPs, mobile platforms, and tech companies to sustain disruption beyond one-off takedowns.

  • Disruption plans include continuous monitoring of NetNut’s network and anticipating peers’ adaptations, with some operators potentially turning to competitors to preserve capacity.

  • NetNut distributed its own SDK through enrolled devices and offered mobile and data center proxies plus a reseller program, expanding the ecosystem’s reach.

  • The case underscores the ongoing enforcement focus on proxy networks used for cybercrime and malware dissemination.

  • Google security guidance urges avoiding apps that pay for unused bandwidth, downloading only from trusted stores, reviewing proxy permissions, keeping Play Protect enabled, and buying devices from reputable brands with certification.

  • User safety advice emphasizes trusted app sources, enabling Play Protect, and choosing reputable manufacturers, while stressing the need for cross-industry collaboration to dismantle such ecosystems.

Summary based on 9 sources


Get a daily email with more Tech stories

Sources


FBI Seizes NetNut Proxy Platform, Popa Botnet

Krebs on Security • Jul 2, 2026

FBI Seizes NetNut Proxy Platform, Popa Botnet



More Stories