$46 Million Cybercrime Botnet Dismantled by FBI and Dutch Authorities

In a major international operation, the FBI and Dutch law enforcement have taken down a cybercrime network that operated a botnet since 2004, generating an estimated $46 million in illicit profits. The network, known for exploiting outdated home and business routers, was used by cybercriminals to conceal their identities and carry out illegal activities anonymously.

The botnet relied on malware called “TheMoon,” which infected end-of-life routers, including models from Linksys and Cisco. These compromised devices were then turned into proxy servers and sold through platforms like 5socks.net and Anyproxy.net. Victims were often unaware that their routers were being used to facilitate global cybercrime.

Authorities seized the botnet's domains and disrupted its operations, charging suspects from Russia and Kazakhstan with running the criminal infrastructure. The FBI has urged the public to replace outdated routers and ensure devices are regularly updated to avoid unknowingly becoming part of similar schemes.

The case underscores the importance of cybersecurity hygiene and the risks associated with unmaintained digital equipment.