Skip to content
Close Menu

    Subscribe to Updates

    Get the latest news from tastytech.

    What's Hot

    Iran’s economy faces long road to recovery as fragile truce tested | US-Israel war on Iran News

    July 8, 2026

    10 Probability Concepts for Machine Learning Explained Simply

    July 8, 2026

    Google and the FBI Target Massive Botnet That Quietly Used Home Devices to Mask Cybercrime

    July 8, 2026
    Facebook X (Twitter) Instagram
    Facebook X (Twitter) Instagram
    tastytech.intastytech.in
    Subscribe
    • AI News & Trends
    • Tech News
    • AI Tools
    • Business & Startups
    • Guides & Tutorials
    • Tech Reviews
    • Automobiles
    • Gaming
    • movies
    tastytech.intastytech.in
    Home»Tech Reviews»Google and the FBI Target Massive Botnet That Quietly Used Home Devices to Mask Cybercrime
    Google and the FBI Target Massive Botnet That Quietly Used Home Devices to Mask Cybercrime
    Tech Reviews

    Google and the FBI Target Massive Botnet That Quietly Used Home Devices to Mask Cybercrime

    gvfx00@gmail.comBy gvfx00@gmail.comJuly 8, 2026No Comments5 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email


    The FBI, in partnership with Google and other tech companies, struck a massive blow against NetNut, a public-facing residential network proxy service that secretly hosted a botnet controlling approximately 2 million Android TVs and similar smart home devices. The network was being used for password-spraying, credential attacks and other malicious activity. 

    Residential proxy botnets make malicious traffic appear like normal internet use, allowing everyday devices to be secretly hijacked by cybercriminals to conduct illegal activities using your home internet. Infected home devices were often preloaded with malicious software used by the botnet, which made traditional home security practices less effective at detecting and stopping the problem. 

    According to an FBI statement emailed to CNET, on July 2, the federal agency carried out “a court-authorized seizure of multiple domains as part of a coordinated law enforcement action with the Department of Justice and IRS Criminal Investigation targeting infrastructure associated with the NetNut residential proxy platform, its administrators, and users.”

    Authorities worked in tandem with Google, Lumen Technologies and the Shadowserver Foundation to go after NetNut and its services — also known as the Popa botnet by security researchers. Google said in a blog post that the actions “caused significant degradation to NetNut’s proxy network and its business operations, reducing the available pool of devices for the proxy operator by millions.” NetNut’s website now shows an FBI takedown notice. 

    Google acknowledged that taking down NetNut is only the first step. Because these proxy networks frequently share and resell access to each other’s botnets, disrupting one provider often leads malicious actors to simply purchase capacity from a competitor. To create a lasting impact, Google said it must “target the infrastructure of several interconnected providers” simultaneously.

    A takedown notice for NetNut by the FBI, IRS, and several tech companies.

    NetNut’s official website is taken down with this seizure notice in its place. 

    The FBI

    Table of Contents

    Toggle
    • How this botnet worked
    • Stay safe from the next attack
      • Related posts:
    • Slate EV Truck Pre-Orders Will Open On June 24
    • The 4.5-star Samsung Galaxy Buds 4 Pro 'knock it out the park' — and now you can save £50 with this ...
    • Best Robot Vacuums We've Tested (December 2025)

    How this botnet worked

    In 2024, security researchers at XLab found the Vo1d botnet, a massive collection of hacked, mostly off-brand Android TV devices. If you recall the fake AI video of Donald Trump and Elon Musk appearing on TVs at the Department of Housing and Urban Development, that was most likely caused by a malicious actor using the Vo1d botnet. 

    Those same researchers also found Popa, a legitimate network protocol plug-in that turned consumer devices into residential proxy nodes with the user’s consent. But the version researchers found was being installed on the hacked Android TV devices without user consent. According to the FBI, a residential proxy node is “an intermediary server between individuals and websites they visit to make their connections appear to originate elsewhere.” 

    Residential proxy networks are legal in the US, and businesses that use them usually sell access to enterprise customers, where they’re often used for security penetration testing, ad verification, gathering marketing data and unlocking geo-locked websites. Since residential nodes use real IP addresses from someone’s home, the company or person using the node is seen by the World Wide Web as just an ordinary user, and their true identity is hidden. 

    Android TV devices that were part of the Vo1d botnet and infected with Popa allowed cybercriminals to conduct attacks, scrape data from infected devices looking for sensitive information like passwords, and even hijack the device to perform malicious tasks, all while the hacker appeared to originate from the house across the street or the apartment across the hall without actually being there. 

    That is where NetNut comes in. NetNut is a public-facing residential proxy network operator owned by Alarum Technologies, a publicly traded company out of Israel. Per Google, it was one of the largest residential proxy network operators in the world.

    On the surface, NetNut appeared to be a legitimate business and even had an official website where you could buy its services. However, late last month, multiple researchers confirmed that traffic generated by the Popa botnet was from NetNut users. This meant that NetNut was effectively selling its botnet out in the open to anyone, for both legitimate and illegitimate uses, which gave authorities enough evidence to take the company down.

    Stay safe from the next attack

    The good news is that making sure you don’t wind up as part of the next Android TV-powered botnet is actually pretty easy. According to Google and security researchers, the overwhelming majority of the hacked devices were no-name Android TV streamers that you can freely find on Amazon, Temu, AliExpress and other online outlets.

    Many of those streaming sticks and boxes are quite cheap, but they do work. The problem is that nearly all of them run ancient versions of Android, which are easier to hack since those devices don’t have the modern protections afforded by newer versions. 

    Some brands sell streaming boxes that promise free streaming with no subscriptions. These are often advertised on Instagram and TikTok by fresh-faced influencers who claim to offer a no-subscription streaming TV solution. Security researchers found that many of those streamer boxes came prehacked with botnet software installed out of the box. 

    So, step one to avoid becoming part of a botnet is to only buy Android TV devices from reputable companies like Sony, Nvidia, Google and others. Try to buy one that runs a modern version of Android and still gets security updates. You should also avoid those “one price, no subscriptions” boxes on social media, since they definitely come with malware preinstalled. 

    Botnets like this aren’t unique to Android TV. Smart home devices are also consistently included in botnets, so step two to keeping yourself safe is to make sure you apply all of the above advice to your smart home products as well. You should also keep up with the latest trends, like promptware, a new kind of malware that hacks your devices by asking the onboard AI to do it on behalf of the hacker. 

    The incident serves as an important reminder to be wary of low-quality, cheap tech peddled by influencers — or you risk having your personal ID information stolen. The usual array of things helps as well, like making sure to have a robust password, learning how to avoid phishing emails and not revealing any personal details to suspicious characters online.



    Related posts:

    Self-propagating malware poisons open source software and wipes Iran-based machines

    Images of Samsung's rumored smart glasses have leaked

    OpenAI reportedly plans to add Sora video generation to ChatGPT

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleOne Piece anime fans are having the biggest summer of all time
    Next Article 10 Probability Concepts for Machine Learning Explained Simply
    gvfx00@gmail.com
    • Website

    Related Posts

    Tech Reviews

    Disney just agreed to pay out $50 million to some YouTube TV and DirecTV Stream subscribers — here’s how to make a claim for your share and find out if you’re owed it

    July 8, 2026
    Tech Reviews

    A Bug In Discord’s Safety Systems Incorrectly Banned Accounts Since May

    July 7, 2026
    Tech Reviews

    Netflix: 30 of the Best Sci-Fi TV Shows You Should Stream Right Now

    July 7, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Top Posts

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025130 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram

    Subscribe to Updates

    Get the latest tech news from tastytech.

    About Us
    About Us

    TastyTech.in brings you the latest AI, tech news, cybersecurity tips, and gadget insights all in one place. Stay informed, stay secure, and stay ahead with us!

    Most Popular

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025130 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views

    Subscribe to Updates

    Get the latest news from tastytech.

    Facebook X (Twitter) Instagram Pinterest
    • Homepage
    • About Us
    • Contact Us
    • Privacy Policy
    © 2026 TastyTech. Designed by TastyTech.

    Type above and press Enter to search. Press Esc to cancel.

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.