Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices

Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks. The bot network, per the Dutch Politie and the National Cyber Security Center (NCSC), consisted of at least 17 million infected devices. More than 200 servers located in the Netherlands acted as the

Dutch authorities, led by the National Police and NCSC, dismantled a massive proxy botnet of at least 17 million compromised devices (computers, smartphones, tablets, routers, and IoT) controlled via more than 200 servers hosted in the Netherlands.[1][3][5][6] Reports link the infrastructure to the Asocks residential proxy service, which criminals used to route phishing, spam, DDoS, credential stuffing, and other attacks through legitimate consumer IP addresses to evade detection.[1][4][5][6] From a CyberSE.AI perspective, such large residential proxy botnets can be abused to mask large-scale automated probing of AI services, distributed credential attacks against AI admin consoles, and stealthy scraping or abuse of public AI endpoints. Organizations operating or consuming AI systems should continuously red team their AI-facing infrastructure and access controls against botnet-style, geo-distributed traffic patterns that appear to originate from normal consumer devices.