Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
FBI Seizes NetNut Proxy Platform, Popa Botnet (krebsonsecurity.com)
36 points by k1m 14 hours ago | hide | past | favorite | 12 comments
 help



> most of the no-name TV streaming boxes for sale on the major e-commerce websites either come pre-installed with residential proxy software, or require the installation of proxy SDKs in order to use the device

> Even people without TV streaming boxes can find their smart TVs enrolled in residential proxy networks, just by installing one of thousands of apps available for download on Samsung and LG smart TVs. In a report released last month, the proxy tracking company Spur found 42 percent of apps available for download via the webOS operating system on LG smart TVs include SDKs that turn one’s television into an always-on residential proxy node. More than a quarter of the apps made for Samsung’s Tizen operating system had similar residential proxy components, Spur found.

Most interesting part of the article for me. I wonder if people with a streaming box run into tor-exit-node type problems.


    The Federal Bureau of Investigation (FBI) said today it worked
    with industry partners to seize hundreds of domains associated
    with NetNut, a sprawling residential proxy service operated by
    the publicly-traded Israeli company 
    Alarum Technologies [NASDAQ: ALAR].

Are residential proxies illegal? Why is the FBI involved with civil actions?

> https://x.com/weezerOSINT/status/2072772333329416654

> They seized the wrong domain. Netnut is still up and running

> The domain FBI seized: https://netnut.com

> The real domain https://netnut.io

The backend infrastructure, for similar reasons, is probably still operational, even if it might have taken a hit.


Google shows netnut.com[1] being the same thing, so not sure it's the wrong domain. Maybe not the main one. Brian Krebs' comment on this[2]:

> Pretty sure they're working on getting that domain too, but it's taking longer for some reason. Either way, they have dismantled the botnet's back end infrastructure, so for now it's not doing much.

[1] https://www.google.com/search?q=site%3Anetnut.com

[2] https://www.linkedin.com/posts/bkrebs_new-breaking-fbi-seize...


WRT [1], you get a lot more results with https://www.google.com/search?q=site%3Anetnut.io

And if they didn't even grab the main domain that the service used, why so confident that they've totally dismantled the back end infrastructure?


I personally have no insight into what they have or haven't dismantled. Just found the article interesting (had never heard of the company). Was responding to the "They seized the wrong domain" claim in the tweet you quoted. I read that and thought they disabled an unrelated domain, which doesn't appear to be the case. As for the main domain, no idea about that. Someone brought that up to the author of the piece, and the bit I quoted was his response. I have no more info beyond that.

They seized netnut.com, but netnut.io is still online. Not sure how long that'll last though.

Disrupting a publicly-traded Israeli company? Heads will roll on Monday.

This will cause a disruption to all sorts of intelligence operations. The FBI didn’t get the memo apparently.


Should've emailed procurement first

Google is pulling up the ladder for other internet crawlers for search engines and AI. It also hurts privacy and anonymity taking away an option to hide your IP without being an obvious VPN exit point.

Just annoyed that tencent and others are using alternate channels.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: