Cyber Cops Bust a $46M Botnet Empire: 7,000 Hacked IoT Devices Taken Down! 🦸‍♂️

Imagine your old router, gathering dust in the corner, secretly moonlighting as a cybercriminal’s sidekick. Sounds wild, right? Well, that’s exactly what was happening with over 7,000 Internet of Things (IoT) and end-of-life (EoL) devices roped into a massive proxy botnet called Anyproxy and 5socks. This sneaky network, active since 2004, was just dismantled in a jaw-dropping U.S.-Dutch law enforcement operation dubbed Operation Moonlander. 🎉 Let’s dive into the techy details, unpack how this botnet worked, and celebrate the takedown of a $46 million cybercrime empire. Buckle up — it’s a thrilling ride! 🚀

What Just Happened? The Big Bust 📢

On May 9, 2025, Dutch and U.S. authorities, with help from Lumen Technologies’ Black Lotus Labs and the Royal Thai Police, pulled the plug on a criminal proxy botnet that had been running for two decades. This network, powered by thousands of hacked IoT devices like routers and cameras, was sold as a “residential proxy service” on sites like Anyproxy.net and 5socks.net. Cybercriminals paid anywhere from $9.95 to $110 a month to route their shady traffic through these devices, hiding their tracks while launching attacks like password spraying, DDoS assaults, and ad fraud. 💸