Google disrupts NetNut proxy network used in malware operations

July 2, 2026 2:09 PM EDT

FILE PHOTO: The Google logo is seen outside the company's offices in London, Britain, June 24, 2025. REUTERS/Carlos Jasso/File Photo

July 2 (Reuters) - Alphabet's Google ‌said on ​Thursday ​it weakened a large network of internet-connected devices that was being used to hide and route ‌malicious online activity.

The tech giant said it took ⁠action against the NetNut residential proxy network, also known as Popa, ‌in partnership with the FBI ‌and Lumen, among others.

Google said it disabled accounts and services used in NetNut-related malware command-and-control operations and shared ​technical intelligence on the group's infrastructure with law enforcement and industry partners to support broader enforcement efforts.

Residential ⁠proxy networks route internet traffic through consumer IP addresses, masking its origin and ​sometimes bypassing security defenses. While they have legitimate uses, they are also often abused for cybercrime ​because they hide the true source ‌of traffic.

"We believe our coordinated actions have caused significant degradation to NetNut's proxy network and ⁠its business operations, reducing the available pool of devices for the proxy operator by millions," Google said in a blog.

NetNut ⁠offers rotating residential, ISP, mobile and datacenter proxies. Founded in 2017, it is ​a subsidiary of Israel-based web data provider Alarum Technologies.

Alarum and NetNut were informed of the seizure of some of its domains by ‌the FBI on Thursday, the company told Reuters.

"Alarum takes this matter seriously and will fully ‌cooperate with law enforcement to ensure any misuse of ⁠its infrastructure is thoroughly ‌investigated and those responsible ​are held to account."

(Reporting by Juby Babu in Mexico City; Editing by Tasim Zahid and Sahal ‌Muhammed)



Serious News for Serious Traders! Try StreetInsider.com Premium Free!

You May Also Be Interested In





Related Categories

Reuters