Alphabet-owned Google said on Thursday it had taken coordinated action to weaken a network of internet-connected devices used to conceal and route malicious online traffic, targeting the NetNut residential proxy service and the Popa botnet as part of a broader effort to combat cybercrime.
The operation was carried out in partnership with the US Federal Bureau of Investigation (FBI), cybersecurity firm Lumen and other industry partners. Google said the joint effort focused on disrupting infrastructure that cybercriminals allegedly used to conduct malicious activities while masking their identities online.
According to Google, the company disabled accounts and services linked to malware command-and-control operations associated with NetNut. It also shared technical intelligence about the network’s infrastructure with law enforcement agencies and cybersecurity organizations to support ongoing investigations and enforcement efforts.
Residential proxy networks route internet traffic through the IP addresses of ordinary consumer devices, making online activity appear to originate from legitimate users. While such services can be used for lawful purposes, including data collection and network testing, security experts say they are frequently exploited by cybercriminals to evade detection, launch attacks and bypass online security systems.
Google said its actions had significantly disrupted NetNut’s operations by reducing the number of devices available to its proxy network.
“We believe our coordinated actions have caused significant degradation to NetNut’s proxy network and its business operations, reducing the available pool of devices for the proxy operator by millions,” the company said in a blog post outlining the operation.
NetNut’s parent company, Israel-based web data provider Alarum Technologies, confirmed that it had been informed by the FBI that several domains connected to its services had been seized.
In a statement, Alarum said it was taking the matter seriously and would cooperate fully with law enforcement authorities.
“The company will fully cooperate with law enforcement to ensure any misuse of its infrastructure is thoroughly investigated and those responsible are held accountable,” it said.
Separately, Bloomberg News reported that the FBI has spent more than a year investigating possible links between NetNut and the Popa botnet, citing documents and people familiar with the matter. The report said the investigation was among several cases reviewed by officials from multiple US federal law enforcement agencies during a meeting in Colorado last year focused on proxy networks and cyber threats.
The FBI did not immediately comment on the reports.
The latest operation reflects increasing cooperation between technology companies and law enforcement agencies as cybercriminals continue to use sophisticated infrastructure to hide their activities and target businesses, governments and internet users around the world.

Facebook
Twitter
Instagram
LinkedIn
RSS