Monday Recap: Proxy Botnets, Browser Ransomware
⚡ Google and partners disrupted the NetNut residential proxy network (aka Popa), which abused smart home devices and preinstalled SDKs to route malicious traffic through an estimated 2 million devices. Other incidents this week include fake PoC repos delivering the ChocoPoC RAT via a dependency, a 19-year-old alleged Scattered Spider suspect extradited to the U.S., and a Brazilian Ousaban banking trojan targeting Spain and Portugal. Check Point flagged AI-generated browser ransomware leveraging the File System Access API, illustrating AI can autonomously devise working attack techniques.
