Key facts
- Google has taken action against the NetNut residential proxy network.
- The network was used to hide and route malicious online activity.
- Google partnered with the FBI and Lumen for the operation.
- Accounts and services used in malware command-and-control operations were disabled.
- Technical intelligence on the group's infrastructure was shared with law enforcement.
Alphabet's Google announced on Thursday that it has significantly degraded the NetNut residential proxy network, which was being utilized to conceal and route malicious online activities. The tech giant stated that this action was undertaken in collaboration with entities including the FBI and Lumen.
Google reported disabling accounts and services associated with NetNut's malware command-and-control operations. The company also shared technical intelligence regarding the group's infrastructure with law enforcement and industry partners to aid broader enforcement initiatives.
Residential proxy networks enable users to route internet traffic through consumer IP addresses, which can obscure the origin of online activity and help bypass security measures. While these networks can serve legitimate purposes, they are frequently abused for cybercrime due to their ability to mask the true source of traffic.
"We believe our coordinated actions have caused significant degradation to NetNut’s proxy network and its business operations, reducing the available pool of devices for the proxy operator by millions," Google stated in a blog post.
NetNut, founded in 2017 as a subsidiary of the Israeli cybersecurity firm Alarum Technologies, offers rotating residential, ISP, mobile, and datacenter proxies.
