17 million “zombie” devices: how the global botnet was destroyed

In a large-scale international cyber operation, law enforcement agencies and leading digital security experts dealt a devastating blow to the global hacking infrastructure. A successful takedown of a botnet in the Netherlands helped save more than 17 million infected devices worldwide that were being secretly used by cybercriminals without their owners’ knowledge.

The scale of the global special operation

While ordinary users went about their business, the National Police of the Netherlands together with specialists of the National Center for Cyber ​​Security conducted a total technical cleaning of the network on a planetary scale. The botnet controlled more than 17 million gadgets, including smartphones, personal computers and even household “smart” devices (up to routers and toasters). All this equipment was remotely exploited by criminals in the shadow sector of the Internet.

The beginning of a large-scale investigation was a detailed report by one of the vigilant cyber security specialists. The expert recorded the suspicious activity of a large network of proxy servers and transferred the data to law enforcement officers, which led to the complete destruction of the attackers’ infrastructure.

Botnet specifications and architecture

Investigative actions revealed a complex technical system that cybercriminals had been building for years:

  • Size of infected network: more than 17,000,000 hosts.
  • Management infrastructure: about 200 rented servers.
  • Physical location of management servers: legal data centers in the Netherlands.

Choosing a reliable European hosting is a favorite method of cybercriminals. With its help, they disguise malicious network traffic as legitimate data exchange, minimizing the suspicions of providers and automated security algorithms.

Usage features: ASOCKS proxy platform

This botnet was a full-fledged commercial hacker project and was inextricably linked to the ASOCKS proxy platform. This shadow service was positioned as a resident proxy shop, which gives its customers the opportunity to hide their real IP address by passing traffic through the home gadgets of ordinary users. The range of criminal services based on this infrastructure included:

  • Organization of massive phishing campaigns.
  • Mass automatic sending of spam messages.
  • Performing devastating distributed DDoS attacks on commercial and government web portals.

Because the requests came on behalf of real users from ordinary residential neighborhoods, the security systems of most targets did not recognize network attacks.

Results of the raid against the botnet infrastructure

During the police intervention, about two hundred control servers were disabled by communication providers based on the official order of the security authorities. In addition, operatives seized physical hard drives with equipment as an evidence base. The strongest technical blow has deprived the network operators of operational management and financial inflow, as the re-creation of such a network framework will require colossal time and cash infusions.

How to prevent your device from turning into a “zombie”?

Law enforcement officers destroyed the hacker’s server coordination centers, but the owners of 17 million infected gadgets themselves are still vulnerable to future software modifications, because the key developers are still at large. NCSC strongly recommends following the fundamental rules of digital hygiene:

  • Update the system firmware of all smart devices (including routers) in a timely manner.
  • Be sure to change the factory default administration passwords.

Don't miss interesting news

Subscribe to our channels and read announcements of high-tech news, tes

Leave a Reply

Your email address will not be published. Required fields are marked *





Articles & testsArticles

Oppo A6 Pro smartphone review: ambitious Oppo A6 Pro (CPH2799)

Creating new mid-range smartphones is no easy task. Manufacturers have to balance performance, camera capabilities, displays, and the overall cost impact of each component. How the new Oppo A6 Pro balances these factors is discussed in our review.


Sony WF-1000XM6 Bluetooth headphones review: full power

The new Sony WF-1000XM6 headphones have slightly changed their shape compared to their predecessor, received a new processor, an improved noise cancellation system, more microphones, and generally made a noticeable step forward technically.


NewsNews
| 09.02
The European Union is preparing to limit children’s access to social networks

The European Commission is developing new legislative measures to protect minors online. The plans include restricting access to social platforms for children under 13 years of age.

| 08.05
Samsung increases prices for smartphone repairs: causes and consequences

Samsung is increasing prices for smartphone repairs in South Korea amid a shortage of raw materials and rising prices for components. Find out how this will affect your wallet and what exactly has gone up in price at service centers.