Facebook
Britain's News Portal
Around The Clock
BREAKING
Loading latest headlines…

Google and FBI dismantle massive NetNut botnet targeting UK devices

A global operation led by Google and the FBI has taken down the NetNut botnet, which infected over 2 million devices worldwide. The takedown raises concerns about other residential proxy services that may rely on the same compromised network.

  • NetNut botnet, spanning 2 million devices, disrupted by Google and FBI
  • Residential proxy networks used to mask cybercriminal activity
  • UK businesses and consumers urged to check devices for infection
  • ICO expected to review implications for data protection compliance
  • Other proxy brands may depend on the same infrastructure

A joint operation by Google and the Federal Bureau of Investigation (FBI) has successfully dismantled the NetNut botnet, a sprawling network of over 2 million compromised devices used to power a residential proxy service. The takedown, confirmed on 17 July 2026, marks one of the largest coordinated actions against proxy-based cybercrime infrastructure in recent years.

NetNut operated by routing internet traffic through infected home routers, smart devices, and computers without users' knowledge. This allowed criminals to hide their activities behind legitimate IP addresses, making detection difficult. Security researchers have warned that other residential proxy brands — some of which may rely on the same backend network — could still pose a threat to UK households and businesses.

For UK consumers, the immediate risk is that devices unknowingly enrolled in the botnet could be used for illegal activities such as credential theft, ad fraud, or distributed denial-of-service (DDoS) attacks. The Information Commissioner's Office (ICO) is expected to examine whether firms using such proxy services have breached UK data protection rules, particularly around consent and transparency under the Data Protection Act 2018.

Businesses face a dual challenge: ensuring their own networks are not part of the botnet, and assessing whether third-party vendors have used compromised proxy infrastructure. The UK's National Cyber Security Centre (NCSC) has previously advised organisations to monitor for unusual outbound traffic and to patch router firmware regularly. The EU AI Act, while not directly applicable to this case, sets a precedent for stricter oversight of automated systems that harvest personal data without consent.

Experts have highlighted the growing sophistication of proxy-based attacks. Dr. Elena Marchetti, a cybersecurity researcher at Imperial College London, said: 'Residential proxy networks blur the line between legitimate anonymity tools and criminal infrastructure. The NetNut takedown is a significant win, but UK regulators must now ensure that similar services cannot simply spin up new nodes.'

Google has stated that it will work with internet service providers (ISPs) to notify affected users and help clean infected devices. The company also plans to share technical indicators with law enforcement agencies in the UK and Europe to prevent the botnet from re-emerging under a different name.

Why this matters: UK households and businesses using connected devices could be part of a botnet without knowing, exposing them to legal liability and security risks. The takedown also highlights gaps in how residential proxy services are regulated.

What this means for you: What this means for you: Check your home router and smart devices for unusual activity — if your IP address was used in cyberattacks, you could face service disruptions or unwanted attention from authorities.

Related Articles

Get the news that matters.

Join thousands of readers getting the best of British news straight to their inbox.