This week, Google, the FBI and a group of industry partners dismantled NetNut — one of the world’s largest “residential proxy” networks, built from at least two million infected Android devices, including smart TVs and streaming boxes, as reported by BleepingComputer. If that term is new to you, it’s worth two minutes of your time.
A residential proxy is a way for attackers to disguise where their traffic comes from. Rather than attacking from a server that security systems would flag instantly, they route their traffic through infected everyday devices in homes and businesses — so to the target, it looks like a normal household internet connection. Think of a burglar borrowing your car for the getaway: the number plate the cameras catch is yours. Google counted 316 separate criminal and espionage groups using NetNut’s hijacked devices in a single week.
Why does this matter to your business? The malware often ships pre-installed on cheap, no-name Android TV boxes, or arrives via dodgy apps. In the venues and offices we support around Australia, we regularly find bargain streaming boxes and smart TVs sitting on the same network as the point-of-sale system and office PCs — which means a compromised $60 TV box shares a network with your payment data.
One practical step: put TVs, streaming boxes and other smart devices on a separate or guest network, and stick to Play Protect-certified hardware. If you’re not sure what’s on your network, our cybersecurity team can map it for you — most owners are surprised by what turns up.
Related Guide
Cybersecurity for Sydney SMBs
Explore our complete guide to protecting your business from cyber threats.
