Hacker News
FBI Seizes NetNut Proxy Platform, Popa Botnet
awakeasleep
|next
[-]
> Even people without TV streaming boxes can find their smart TVs enrolled in residential proxy networks, just by installing one of thousands of apps available for download on Samsung and LG smart TVs. In a report released last month, the proxy tracking company Spur found 42 percent of apps available for download via the webOS operating system on LG smart TVs include SDKs that turn one’s television into an always-on residential proxy node. More than a quarter of the apps made for Samsung’s Tizen operating system had similar residential proxy components, Spur found.
Most interesting part of the article for me. I wonder if people with a streaming box run into tor-exit-node type problems.
KomoD
|root
|parent
[-]
Some definitely do.
One of my family members had a mobile app installed that turned their device into a resi proxy, and I started to get super frequent CAPTCHAs, which I thought was odd. I found out what was happening when our IP got banned from Wikipedia with the reason "believed to be a residential proxy"
WarOnPrivacy
|next
|previous
[-]
The Federal Bureau of Investigation (FBI) said today it worked
with industry partners to seize hundreds of domains associated
with NetNut, a sprawling residential proxy service operated by
the publicly-traded Israeli company
Alarum Technologies [NASDAQ: ALAR].
A_D_E_P_T
|next
|previous
[-]
> They seized the wrong domain. Netnut is still up and running
> The domain FBI seized: https://netnut.com
> The real domain https://netnut.io
The backend infrastructure, for similar reasons, is probably still operational, even if it might have taken a hit.
k1m
|root
|parent
[-]
> Pretty sure they're working on getting that domain too, but it's taking longer for some reason. Either way, they have dismantled the botnet's back end infrastructure, so for now it's not doing much.
[1] https://www.google.com/search?q=site%3Anetnut.com
[2] https://www.linkedin.com/posts/bkrebs_new-breaking-fbi-seize...
A_D_E_P_T
|root
|parent
[-]
And if they didn't even grab the main domain that the service used, why so confident that they've totally dismantled the back end infrastructure?
KomoD
|root
|parent
|next
[-]
> As a result of these developments, the Company is currently experiencing disruptions to a portion of its services. If these disruptions continue for an extended period, they are likely to have a material adverse effect on the Company's operations, financial results and its ability to provide certain services to its customers.
https://www.globenewswire.com/news-release/2026/07/03/332182...