Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: netherlands (1 article)Clear

Dutch police dismantle 17-million-device botnet linked to Asocks proxy service, seize 200+ servers at local hosting provider

Dutch authorities have taken offline a botnet of at least 17 million infected computers, tablets, and smartphones, seizing more than 200 servers at a Netherlands-based hosting provider. The action was led by the National Police with the National Cyber Security Centre (NCSC). Local media link the infrastructure to Asocks, a service that advertises itself as a universal residential-proxy provider - the kind of proxy network used to launder malicious traffic, run credential-stuffing and ad fraud, and anonymize attacks. The hosting provider took the botnet offline once it was confirmed to be supporting criminal activity. Authorities have not formally named the botnet or announced arrests.

Check
Check whether your network egress or fraud logs show traffic to or from Asocks residential-proxy exit nodes. Review IoT and endpoint fleets for proxyware infections feeding such services.
Affected
17 million compromised devices (computers, tablets, smartphones) conscripted into the proxy botnet. Organizations targeted via proxied credential-stuffing, ad fraud, and anonymized attacks routed through residential IPs.
Fix
Block known Asocks infrastructure once IoCs are published. Hunt for proxyware and residential-proxy SDKs on managed devices. Add residential-proxy ASNs to fraud-scoring and bot-detection rules.