this post was submitted on 29 May 2026
37 points (93.0% liked)

Technology

84996 readers
3406 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 3 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
37
Botnet of more than 17 million devices dismantled (arstechnica.com)
submitted 4 hours ago by return2ozma@lemmy.world to c/technology@lemmy.world
8 comments fedilink hide all child comments
top 8 comments
sorted by: hot top controversial new old
[–] adespoton@lemmy.ca 13 points 3 hours ago (1 children)

“The botnet was taken offline by the provider because it was used for criminal purposes.”

Isn’t the botnet itself a criminal intrusion? I mean, it’s unlikely that the owners of the exit nodes were even aware they were part of it.

[–] frongt@lemmy.zip 5 points 3 hours ago (1 children)

It sounds like people installed one of those free proxy things that's actually malware. I'm not sure I'd call that "intrusion" but it's certainly illegal.

[–] kn33@lemmy.world 4 points 3 hours ago (1 children)

I mean, it might've not been illegal. It was probably hidden in some T&C somewhere. That's the trade-off. You get a free privacy proxy, they get a free residential proxy endpoint.

[–] frongt@lemmy.zip 2 points 3 hours ago

Deploying botnet software is usually always illegal, regardless of consent.

[–] tal@lemmy.today 2 points 3 hours ago

People who want to prevent their devices from being swept into botnets should install security updates in a timely manner and resist the urge to continue using software or devices that no longer receive them.

That doesn't really seem likely to happen on its own. I'm pretty sure that most IoT devices phone home and upgrade themselves (which, frankly, I'd be maybe more-concerned about as a vector than a lack of updates, since anyone can buy a defunct IoT maker and thus get control of all those devices, or penetrate the IoT maker's network) and I imagine that most people have no idea when a device has last been updated.

You can maybe have some sort of network protocol where devices can report their last update. That'd maybe permit for auditing that, if you had a device that would tell a user about an outdated device, which isn't really the case today. Also kind of hard to tell an end user what a device at IP address X is. If they're on the same LAN, maybe could try to identify it by OUI on the Ethernet address, I guess, but that's not going to give you a convenient helpful-to-most-end-users product ID for a lot of devices.

[–] kibblebits@quokk.au -2 points 3 hours ago (1 children)

I thought Lemmy.ml had been quiet recently.

[–] Chulk@lemmy.ml 2 points 2 hours ago (1 children)

I don't think there are many bots on Lemmy. If I were a betting man, though, I'd wager that the 10-day-old account complaining about the .ml instance is the bot

[–] limerod@reddthat.com 1 points 9 minutes ago

He also has made 300 comments in just 10 days. I have a total of 1600 in 2yrs. I make more comments compared to posts yet he will outpace me in the next 30days. Definitely sus 🤖