FBI Seizes NetNut: What It Means for Your TV
The FBI recently seized the NetNut proxy platform and the Popa botnet. Here is how your smart TV might be at risk.
NetNut
seizures by the FBI have sent a shockwave through the residential proxy market. Federal authorities recently moved to take down hundreds of domains linked to the service. This action targets a network that experts identified as the foundation for the Popa botnet.The Mechanics of a Botnet
NetNut operates as a residential proxy service. It's owned by Alarum Technologies, a publicly traded company, and its software turns everyday hardware into proxy nodes, including smart TVs and streaming boxes. So that's the whole business.
Your device is now an always-on exit point. But other people rent this connection, using it to hide their traffic while they engage in activities like content scraping or advertising fraud. They consume your bandwidth.
They led the takedown. The FBI and the Internal Revenue Service Criminal Investigation division worked closely with industry partners, who helped dismantle the domains that supported the Popa botnet. It's a clean strike.
What Your TV Does While You Sleep
You might wonder how your home hardware got involved. But the issue often starts with the software you install. It's a simple twist. Many third-party apps for smart TVs contain proxy software development kits, and these kits effectively turn your television into a private tunnel for strangers.

Google recently noted that this traffic exposure is a real risk. So if your device acts as an exit node, unauthorized data passes through your home network, and it's a serious concern because that can expose other private devices behind your firewall to external threats. It's dangerous.
The Real World Impact
The scale of this issue is significant. Consider these facts about the infrastructure behind the scenes:
- The Popa botnet consists of at least two million compromised devices.
- During one week in June 2026, researchers observed 316 distinct clusters of threat actors using suspected exit nodes.
- Apps on LG smart TVs can be a vector, with 42 percent of webOS apps containing proxy software kits.
- Around 25 percent of apps built for Samsung Tizen operating systems contain similar components.
The Industry Response
The legal counsel for the parent company stated they are aware of the situation. Omer Weiss, acting for Alarum Technologies, provided a comment on the matter:
Alarum takes this matter seriously and will fully cooperate with law enforcement to ensure any misuse of its infrastructure is thoroughly investigated and those responsible are held to account.
Protecting Your Home Network
Worried about your own hardware? Take a hard look at your apps. Sticking to name brands is a start, but you've got to be especially careful with what you install on your streaming boxes because a single sketchy app can compromise your entire setup. And don't forget to check permissions regularly.
Avoid unofficial Android operating systems. Really, just don't. They don't operate within the safety of official stores like Google Play Protect, so if you use a TV box, check that it's certified to run official software, because that's the only way to ensure your device remains secure and reliable.
The network of proxy services is fluid. But when one provider goes down, others often fill the gap, and they may turn to reselling capacity from competitors just to stay afloat during periods of instability. Stay vigilant about your privacy settings. And don't install unknown software on your home devices.
The Future of Proxy Risks
The takedown of these domains will disrupt current operations and limit the available pool of devices for those running these networks. But the risk remains for users who install unofficial apps. It's not over.
Keep your software updated. Remove apps you do not recognize. Your home network is your private space. Keep it that way.
Frequently Asked Questions
What did the FBI seize related to NetNut?
The FBI seized hundreds of domains linked to the NetNut service. This action targeted a network that experts identified as the foundation for the Popa botnet.
How does NetNut's software turn your TV into a proxy node?
NetNut's software, embedded in third-party apps for smart TVs, contains proxy software development kits that turn your television into a private tunnel for strangers. This allows your device to act as an always-on exit node for other people's traffic.
Why is the FBI's takedown of NetNut significant for home users?
The takedown disrupts current operations and limits the pool of available devices for botnets, but the risk remains for users who install unofficial apps. Your home network could be exposed if your device acts as an exit node, allowing unauthorized data to pass through and threaten other private devices behind your firewall.
Who led the operation against NetNut, and which agencies were involved?
The FBI and the Internal Revenue Service Criminal Investigation division led the takedown. They worked closely with industry partners to dismantle the domains that supported the Popa botnet.
What practical steps can you take to protect your home network from proxy risks?
Stick to name-brand apps and be especially careful with what you install on streaming boxes, as a single sketchy app can compromise your entire setup. Avoid unofficial Android operating systems, check that your TV box is certified to run official software, and regularly review app permissions and remove unrecognized apps.
๐ฌ Comments (0)
No comments yet. Be the first!













