Overview
- Dutch police and the National Cyber Security Centre, which announced the operation Thursday, identified roughly 200 servers and worked with a local hosting provider to take the botnet infrastructure offline for forensic investigation.
- Investigators say the network controlled at least 17 million compromised devices including computers, smartphones, tablets, routers and other internet‑connected gadgets.
- The Hague cybercrime unit seized several servers from the hosting provider and the provider disabled the remaining infrastructure after authorities confirmed it was used for criminal purposes.
- Local media have linked the seized servers to ASOCKS, a commercial residential and mobile proxy service, but Dutch authorities have not publicly confirmed that link or named any suspects and the probe remains active.
- Residential proxies route third‑party traffic through ordinary devices, which makes attacks look like normal local traffic; researchers have traced enrollment to proxyware, bundled SDK code such as PROXYLIB, and malware, so officials urge users to update devices, change default passwords and disable unnecessary remote access.