Security researchers have connected the Popa Android botnet to NetNut, a residential proxy service operated by publicly-traded Alarum Technologies Ltd. The botnet has compromised millions of TV boxes for four years.
The Popa botnet has infected millions of consumer TV boxes, redirecting Internet traffic to support advertising fraud, account takeovers, and large-scale data scraping. Multiple security firms announced this week that the operation traces back to NetNut, a residential proxy provider offering access to consumer internet connections.
Alarum Technologies, listed on NASDAQ under ticker ALAR, operates NetNut as part of its business model. Residential proxies mask traffic origins by routing requests through real consumer devices, a technique commonly exploited for fraud and unauthorized data collection.
The four-year campaign demonstrates how legitimate-appearing companies can mask illicit infrastructure behind proxy services. Researchers did not disclose whether Alarum Technologies was aware of the botnet's use of NetNut infrastructure or the extent of the company's involvement in Popa's operations.
The disclosure raises questions about oversight of proxy service providers and their responsibility for detecting abusive traffic patterns on their networks.
Let's Encrypt experienced widespread certificate renewal failures today, according to the service status page. The incident affected numerous users attempting to renew their SSL certificates.
Microsoft has identified a lightweight backdoor malware that targets cryptocurrency wallets and spreads via USB drives. The malware, known as Crypto Clipper, communicates through the Tor network to evade detection.
India's government told the Delhi High Court that Telegram acknowledged its inability to proactively detect channels selling leaked exam papers. The platform was warned two weeks before being blocked in the country.
Australia's communications regulator will require businesses to register their SMS and MMS sender identities. The move aims to combat spam and fraudulent messaging.