For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple security firms concluded that the Popa botnet is linked to NetNut, a "residential proxy" provider operated by the publicly-traded Israeli firm Alarum Technologies Ltd [NASDAQ: ALAR].
Security researchers have recently concluded and publicized links between a sophisticated botnet and a publicly traded company, providing concrete evidence of the botnet's operators.
This exposes the direct involvement of a legitimate, publicly traded firm in large-scale illicit activities like advertising fraud and data scraping, raising questions about corporate ethics and supply chain integrity in the digital realm.
The connection of 'Popa' botnet to Alarum Technologies Ltd. transforms the understanding of this specific botnet from an anonymous threat to one with a clear, corporate genesis, potentially leading to legal and reputational consequences.
- · Cybersecurity researchers
- · Advertising platforms enforcing fraud detection
- · Alarum Technologies Ltd
- · Companies unknowingly using compromised residential proxy services
- · Organizations whose data is scraped
Increased scrutiny and potential regulatory action against Alarum Technologies Ltd. and the 'Popa' botnet infrastructure.
A broader re-evaluation of 'residential proxy' services by businesses and an increased demand for transparent, ethically sourced IP networks.
Heightened public awareness of the dark side of internet infrastructure and the potential for seemingly legitimate services to facilitate illicit activities, impacting investor confidence in related tech sectors.
This signal links to a primary source. Continuum Brief monitors and indexes it as part of the live intelligence stream — we do not republish source content.
Read at Krebs on Security