17 Million Devices. One Dutch Botnet Takedown. Your Router Was Probably Part of It.
Dutch police just pulled the plug on a botnet that enslaved 17 million devices. Computers, tablets, smartphones, routers, smart fridges — anything with an internet connection was fair game.
The backend ran on more than 200 servers hosted in the Netherlands. Right under our noses.
Meet Asocks — a residential proxy service that sold access to your devices for $5–$15 a month. You didn’t get a cut. You didn’t get notified. Your router was just quietly renting itself to criminals.
Your device doesn’t need to feel slow or act weird to be part of a botnet. Asocks turned infected devices into residential proxies. To you, nothing changed. To criminals, your IP address became a clean, hard-to-block gateway for attacks.
The Anatomy of the Botnet — Asocks
Asocks advertised itself as a legitimate residential proxy service. Pay $5–$15 per month, get access to a pool of IP addresses from real homes and businesses. Bulk discounts for 10–100 proxies.
The catch? Those IP addresses came from infected devices. The owners had no idea their router, phone, or computer was being used to mask cyberattacks.
- 17 million infected devices — one of the largest botnets ever dismantled in Europe
- 200+ servers in the Netherlands — the command-and-control infrastructure was hosted locally
- Residential proxies sold to anyone — from legitimate businesses to cybercriminals
- Devices infected via: default credentials, unpatched routers, malicious apps, and compromised IoT devices
• Default password on your router? That’s an invitation.
• Old Android phone you never update? Welcome to the botnet.
• Smart TV, IP camera, baby monitor with default creds? You’re a proxy now.
Attackers don’t need your data. They need your IP address. Your device is worth more to them as a pawn than as a target.
What the Takedown Actually Did
The Dutch Politie and National Cyber Security Centre (NCSC) seized a subset of the 200+ servers from a hosting provider. After being notified of the criminal use, the hosting provider took the remaining infrastructure offline.
Asocks is now dead. But the devices? Still vulnerable. Still sitting on default passwords. Still waiting for the next botnet operator to come along.
One botnet dies. Five more are already running. The infrastructure is cheap. The devices are still misconfigured. The people who owned those 17 million infected devices still don’t know they were part of a botnet.
You might have been one of them. You’ll never know.
Why You Should Care — Even If Your Device Feels Fine
- Residential proxies are valuable. Criminals pay for clean IP addresses because they don’t get blocked as easily as datacenter IPs.
- Your IP could have been used for: credential stuffing, DDoS attacks, ad fraud, phishing campaigns, and bypassing geo-restrictions.
- You wouldn’t have noticed. The proxy software runs in the background, using minimal resources. No popups. No performance hits.
- Asocks is gone. The next botnet isn’t. The same vulnerabilities that allowed this botnet to grow still exist on millions of devices.
✅ Change your router’s default password. Right now. Not “later.”
✅ Update firmware on every device — routers, cameras, smart home gear, phones.
✅ Check for unknown devices on your network. Use your router’s admin panel or a network scanner.
✅ Disable remote management on your router unless you absolutely need it.
✅ Be suspicious of “free” VPNs and proxy apps. Many are just botnet recruiters in disguise.
The Bottom Line
Seventeen million devices. Two hundred servers. One Dutch botnet takedown.
Asocks is offline. But the devices are still out there. The default passwords are still “admin/admin.” The unpatched routers are still waiting for the next operator.
You weren’t hacked. You were recruited. Your device was a silent soldier in a botnet army, and you never knew.
Change your passwords. Update your firmware. Or don’t — and let your router rent itself to the next bidder.
Think your network is clean? Let’s check.
Full infrastructure pentest: €3,000. IoT/network security audit: included. Security retainer: €1,500/month.
📩 DM @StackOfTruths on XFree 15-min consultation. No hard sell. Just honest answers about your device exposure.
Leave a Reply