Dutch police say they helped dismantle a botnet made up of at least 17 million compromised devices, with 200 supporting servers traced to the Netherlands and seized or shut down with help from a hosting provider. Authorities and NCSC-NL did not name the botnet or specify the exact malware family, but said affected devices likely included poorly secured routers, mobile devices, and Internet of Things hardware commonly abused for phishing, distributed denial-of-service attacks, and online fraud.
Why it matters: A botnet this large can be used to hide attacks, knock services offline, and abuse ordinary people's devices without their knowledge. Users and organizations should check internet-connected devices for updates, replace default passwords, and avoid unofficial app sources while defenders watch for follow-on indicators once police release more details.
Ionut Arghire
2026.06.01
99% relevant
This article is another report on the same Dutch police takedown, adding that authorities seized several command-and-control servers from a Dutch hosting provider, that local reporting identified the targeted service as Asocks, and that the botnet included infected computers, smartphones, and tablets used for residential proxy abuse and cybercrime.
Bill Toulas
2026.05.29
99% relevant
This is the same underlying event: Dutch police and the NCSC disrupting a botnet of at least 17 million infected devices and seizing more than 200 servers in the Netherlands. The article adds attribution reported by local media linking the infrastructure to the Asocks proxy service and notes authorities' view that affected device owners likely did not knowingly participate.
2026.05.29
100% relevant
This article appears to be the first report establishing this specific Dutch police takedown of an unnamed 17 million-device botnet, and it does not match any listed existing tracked story.
← Back to all stories