🟠 High | Source: The Register — Security
Google and the FBI have taken action against a botnet of approximately 2 million compromised devices linked to the residential proxy service NetNut. Residential proxy networks of this scale are frequently abused to route malicious traffic — including credential stuffing, scraping, and fraud — through legitimate-looking IP addresses. The operation raises concerns that other residential proxy brands may be drawing on the same underlying compromised infrastructure.
Security Architect’s Take: Review your WAF and authentication logs for traffic sourced from residential proxy IP ranges; consider integrating a reputable proxy/threat-intelligence feed to detect and block known residential proxy egress nodes, and ensure rate-limiting and anomaly detection are tuned to catch low-and-slow abuse patterns that blend with legitimate residential traffic.
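One way to run the log review described above, as an added example that is not from the original advisory: it matches failed logins against a proxy feed and flags time windows where every source IP stays under a per-IP rate limit while the set of IPs and targeted accounts is large. The feed ranges, log format, field names and thresholds are all assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter
from datetime import datetime, timedelta, timezone

# Constructed stand-in for a proxy/threat-intel feed (RFC 5737 documentation ranges).
PROXY_FEED = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.0/25")]

# Constructed auth log lines in an assumed "timestamp key=value ..." format.
SAMPLE = [
    "2025-01-01T12:00:05+00:00 ip=203.0.113.7 user=alice result=fail",
    "2025-01-01T12:01:40+00:00 ip=198.51.100.23 user=bob result=fail",
    "2025-01-01T12:03:12+00:00 ip=203.0.113.88 user=carol result=fail",
    "2025-01-01T12:04:55+00:00 ip=198.51.100.201 user=dave result=fail",
    "2025-01-01T12:06:30+00:00 ip=203.0.113.7 user=erin result=fail",
    "2025-01-01T12:07:00+00:00 ip=192.0.2.10 user=frank result=fail",    # not in feed
    "2025-01-01T12:08:00+00:00 ip=203.0.113.200 user=gina result=fail",  # outside the /25
    "2025-01-01T12:25:00+00:00 ip=198.51.100.23 user=bob result=ok",
]

def parse(line):
    """Turn one log line into a dict with a parsed timestamp and IP address."""
    ts, *pairs = line.split()
    rec = dict(p.split("=", 1) for p in pairs)
    rec["ts"] = datetime.fromisoformat(ts)
    rec["ip"] = ipaddress.ip_address(rec["ip"])
    return rec

def from_proxy(ip):
    """True when the address falls inside any range listed in the feed."""
    return any(ip in net for net in PROXY_FEED)

def low_and_slow(lines, window=timedelta(minutes=10), per_ip_limit=3, min_ips=4, min_users=4):
    """Flag fixed windows where feed-listed IPs each fail <= per_ip_limit logins
    (so per-IP rate limiting stays silent) yet together hit many accounts."""
    span = window.total_seconds()
    buckets = {}
    for rec in map(parse, lines):
        if rec["result"] == "fail" and from_proxy(rec["ip"]):
            buckets.setdefault(int(rec["ts"].timestamp() // span), []).append(rec)
    alerts = []
    for epoch, recs in sorted(buckets.items()):
        per_ip = Counter(r["ip"] for r in recs)
        quiet = {ip for ip, n in per_ip.items() if n <= per_ip_limit}
        users = {r["user"] for r in recs if r["ip"] in quiet}
        if len(quiet) >= min_ips and len(users) >= min_users:
            alerts.append({"start": datetime.fromtimestamp(epoch * span, timezone.utc),
                           "ips": len(quiet), "users": len(users)})
    return alerts
```

Calling `low_and_slow(SAMPLE)` yields one alert for the 12:00 window; thresholds need tuning against a baseline of legitimate residential traffic before use on real logs.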
Original advisory: NetNut cracked as Google and FBI target 2 million-device botnet