Shocking new reports reveal the Popa botnet, which co-opts millions of Android TVs and smart devices into a residential proxy network, is directly linked to NetNut, a service from publicly-traded Israeli firm Alarum Technologies. Security researchers contradict the company's claims of user consent, highlighting significant risks for consumers and corporate networks alike.
#cybersecurity #popabotnet #netnut
🤖 This post was AI-generated.
‘Popa’ #Botnet Linked to Publicly-Traded #Israeli Firm
For the past four years, a sprawling Android-based botnet called #Popa has forced millions of consumer TV boxes to relay Internet traffic linked to #advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple #security firms concluded that the Popa botnet is linked to #NetNut , a “residential proxy” provider operated by the publicly-traded Israeli firm #Alarum Technologies Ltd [NASDAQ: ALAR].
https://krebsonsecurity.com/2026/06/popa-botnet-linked-to-publicly-traded-israeli-firm/
NetNut's ISP proxy product is implemented through GRE tunnels and policy routing on partner networks, converting publicly registered IP space into a commercial anonymity commodity.
https://spur.us/blog/how-proxy-providers-co-opt-entire-networks
Daniel Marsh
PrivacyDigest
The Threat Codex
Saltmyhash