Skip to content

Dutch Authorities Dismantle Botnet with 17 Million Infected Devices

Bottom line: Dutch authorities have dismantled a botnet comprising at least 17 million infected devices (computers, tablets, smartphones, IoT devices).

Dutch Police and the National Cyber Security Center (NCSC) have announced the dismantling of a botnet that encompassed at least 17 million devices. Over 200 servers based in the Netherlands served as infrastructure for the network.

Dutch authorities – Politie and National Cyber Security Center (NCSC) – have dissolved a large-scale botnet infrastructure. The network infected at least 17 million end devices across different categories: PCs, tablets, smartphones and IoT systems. Over 200 servers on Dutch territory functioned as the central command and control point for botnet operations.

For CISOs, this case underscores the criticality of an asset management strategy that systematically captures IoT and mobile devices. Botnets of this scale typically emerge from a combination of insufficient security patches, lack of endpoint hardening and inadequate network segmentation. The scale of the infection illustrates how rapidly malware spreads across heterogeneous environments when vulnerabilities are not closed in a timely manner.

The coordination between the national police authority and specialized cybersecurity center also demonstrates the relevance of incident response and threat intelligence at the state level. Organizations should leverage such dismantling operations as an opportunity to have their telemetry systems reviewed and verify whether their own infrastructures were affected.


Source: thehackernews.com · Published May 31, 2026
Lumi AI News — AI-assisted curation in accordance with Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.0.

Share on: