Dutch authorities have taken offline a botnet of at least 17 million infected devices and seized more than 200 servers in the Netherlands that supported the operation, according to a joint disclosure from the National Cyber Security Centre and police.
KEY FACTS
- Scale The botnet included at least 17 million infected devices.
- Infrastructure More than 200 servers in the Netherlands were used to host it.
- Devices Authorities said the servers controlled computers, tablets and smartphones.
- Action Police seized several servers from a hosting provider for investigation.
Authorities said the infrastructure was used for cyberattacks and other illegal activity, including distributed denial-of-service attacks, malicious proxying and cryptocurrency mining. The hosting provider took the botnet offline after the criminal use was identified.
The report did not name the botnet. Local media linked it to Asocks, a service that markets itself as a universal proxy network with millions of IP addresses and customers, but that link was not confirmed in the disclosure.
The action suggests that many of the devices involved did not knowingly participate in the operation. The disclosure said the infected systems were part of a network that used compromised devices to support cybercrime.
To reduce the risk of botnet infection, the disclosure urged device owners to change default credentials, install firmware updates and disable remote administration panels when they are not needed.
WHY IT MATTERS
Large botnets can turn ordinary consumer and business devices into tools for attacks without the owners realizing it. The seizure of the supporting servers may disrupt criminal operations and highlights the need to secure internet-connected devices.