Dutch Police Dismantle Massive 17-Million-Device Botnet

Dutch authorities seized command-and-control servers tied to a botnet of infected computers, smartphones, and tablets that was allegedly used to power a residential proxy network and facilitate cybercrime. The post Dutch Police Dismantle Massive 17-Million-Device Botnet appeared first on SecurityWeek .

According to Dutch police and the NCSC, authorities seized more than 200 command-and-control servers in the Netherlands that controlled a botnet of at least 17 million infected devices, including computers, smartphones, tablets, routers, and IoT systems.[1][2][4][5] Reports indicate the infrastructure was allegedly used as a residential proxy service (linked in reporting to Asocks) to disguise cybercrime such as DDoS attacks, phishing, credential stuffing, and malware distribution behind consumer IP addresses.[1][4][5] From a CyberSE.AI perspective, large residential proxy botnets materially increase the risk that AI-driven attack tooling (for phishing, account takeover, and automated recon) can operate at massive scale while evading IP-based and geo-based defenses. Organizations using AI systems and agents in production should assume that adversaries can blend into residential traffic and should employ Continuous AI Red Teaming to validate that their AI-powered defenses, fraud controls, and anomaly detection still perform effectively when attacks are routed through such proxy botnets.