Google, the FBI, and industry partners disrupted NetNut, a massive residential proxy network that used millions of compromised Android devices, smart TVs, and streaming boxes to hide malicious traffic behind residential IP addresses. The takedown also blocked NetNut’s command-and-control infrastructure and used Google Play Protect to warn users and disable infected apps. #NetNut #Popa #Badbox2.0 #Google #FBI
Keypoints
- NetNut was a residential proxy botnet also known as Popa.
- It reportedly controlled at least 2 million infected devices worldwide.
- Compromised smart TVs, streaming boxes, and Android devices were used as exit nodes.
- Google, the FBI, Lumen Technologies, and Shadowserver helped disrupt the network.
- Google blocked NetNut’s C2 infrastructure and warned users through Play Protect.