Google and FBI Disrupt NetNut Residential Proxy Network Linked to 2 Million Devices

Google and FBI Disrupt NetNut Residential Proxy Network Linked to 2 Million Devices

First seen 2 Jul 2026, 22:50 UTC AolFeeds.FeedburnerItnews.Auflashpoint.ioCybernews+10 88% similarity 70.2
Share:

Article Content

Browse articles
ThreatCluster

On July 2, 2026, Google, in coordination with the FBI and Lumen Technologies, announced the disruption of the NetNut residential proxy network, also known as Popa, which is estimated to have compromised at least 2 million devices globally. This operation involved disabling Google accounts and services associated with the botnet's command-and-control infrastructure. The disruption is part of an ongoing campaign to dismantle malicious proxy networks, following a similar action against the IPIDEA network in January 2026. The NetNut network was used for various cybercriminal activities, including password spraying and malware command-and-control operations. Google shared technical intelligence on NetNut's SDKs and backend infrastructure with law enforcement and industry partners to bolster enforcement efforts. The disruption is expected to have significant ripple effects across the residential proxy ecosystem, but the resilience of individual networks remains a concern. Many popular residential proxy brands are suspected of whitelabeling NetNut's services, complicating the impact of the takedown.

Key Points: • Google and FBI disrupted the NetNut proxy network, affecting at least 2 million devices. • The operation involved disabling accounts linked to malware command-and-control operations. • Many residential proxy brands may be tied to NetNut, complicating the disruption's effectiveness.

ThreatCluster AI

Timeline

2026-01-05
Disruption of IPIDEA proxy network
Google previously disrupted the IPIDEA network, setting a precedent for ongoing proxy network takedowns.
Cybernews
2026-07-02
Google announces disruption of NetNut network
Google revealed the takedown of the NetNut residential proxy network, impacting millions of devices worldwide.
Aol
2026-07-02
FBI seizes domains associated with NetNut
The FBI seized hundreds of domains linked to the NetNut proxy service, enhancing enforcement efforts against cybercrime.
Feeds.Feedburner
2026-07-03
Google details disruption efforts
Google shared insights on the disruption's impact and ongoing monitoring of the NetNut network's peers.
Cloud.Google

Community

Browse all →