SpyderProxySpyderProxy
โ†– Back to blog

How to Tell If Your Residential Proxies Are Ethically Sourced (2026)

Daniel K./Wed Jul 08 2026/8 min read

When the FBI seized NetNut in July 2026 over a botnet of roughly two million hijacked devices, it exposed an uncomfortable truth about the residential proxy industry: a large share of "residential" IPs come from people who never knowingly agreed to sell their bandwidth. If your business relies on residential proxies, the single most important question you can ask a provider is deceptively simple — where do your IPs actually come from? This guide explains the two ways residential proxies are sourced, the red flags that reveal an unethical (and legally risky) network, and a practical checklist to vet any provider before you trust it.

The Two Ways Residential Proxies Are Sourced

Every residential proxy pool is built one of two ways. The difference is not a technicality — it is the difference between infrastructure you can rely on and infrastructure that can vanish overnight under a law-enforcement banner.

1. Ethical: opt-in, with real consent

Users install an app or SDK that clearly discloses that a slice of their idle bandwidth will be shared, they actively agree, and they are compensated for it — with cash, rewards, premium features, or an ad-free experience. Crucially, they can opt out at any time. The people whose IPs make up the pool know exactly what they signed up for. This is the sustainable, legal way to build a residential network.

2. Unethical: hijacked devices (botnets)

Malware or a hidden SDK silently conscripts consumer devices — home routers, phones, smart TVs, and IoT gadgets — and their bandwidth is resold as "residential" proxies without the owner ever knowing. This is the model behind the NetNut/Popa takedown, and the earlier 911 S5 network that was dismantled in 2024. The end user has no idea their device is a proxy node, and no way to say no. It is cheap to build and catastrophic to depend on.

Why Ethical Sourcing Matters (Beyond Morality)

Even setting ethics aside, sourcing is a hard business risk:

  • Sudden seizure. Botnet-backed networks can be taken down with zero notice, taking your entire scraping or automation operation offline instantly — exactly what happened to NetNut customers.
  • Legal and reputational exposure. If your traffic routed through unknowingly-compromised devices, that is a liability most businesses would never knowingly accept, and one that is increasingly scrutinized in vendor due diligence.
  • Security and IP reputation. Botnet exit nodes are shared with cybercriminals and espionage groups, so those IP ranges are flagged, blocklisted, and low-trust — which quietly wrecks your success rates.
  • Compliance. Consent and data-protection rules (GDPR and similar) increasingly push enterprises to require an auditable, ethically-sourced supply chain.

Red Flags vs Green Flags

You can usually tell a lot about a provider from how it talks about its pool. Here is the quick tell:

๐Ÿšฉ Red flags (walk away)โœ… Green flags (trustworthy)
Suspiciously cheap for a "huge" residential poolFair pricing that reflects real, compensated supply
No clear explanation of how IPs are sourcedPublic, plain-English sourcing statement
Pool tied to "free VPNs" or apps that bury the resale in fine printNamed opt-in apps/SDKs where users knowingly consent and are paid
No way for the underlying users to opt outUsers can leave the network at any time
Evasive or vague answers about supplyWilling to explain the supply chain and abuse handling
Named in abuse reports, botnet research, or takedownsClean track record and cooperation with abuse reports

Questions to Ask Any Provider

Before you commit, send these five questions to sales or support. A provider that cannot answer them clearly is a provider to avoid:

  1. Where do your residential IPs come from?
  2. Do the people whose devices are used opt in and get compensated?
  3. Can they opt out at any time?
  4. Do you vet or KYC your bandwidth suppliers?
  5. Have you ever been named in a botnet takedown or abuse investigation?

Clear, confident answers are a good sign. Deflection, buzzwords, or "that's proprietary" are not.

How to Check for Yourself

  • Look for a sourcing / ethics statement. Reputable providers publish how their pool is built. Silence is a signal.
  • Search the news. Google "<provider> botnet" and "<provider> seized." A history of takedown coverage is a hard red flag.
  • Test exit-IP reputation. Run a sample of their IPs through reputation and abuse databases (Spur, IPQualityScore, AbuseIPDB). Clean, consistent residential IPs are a good sign; IPs flagged as botnet or abusive are not. See our guide on what makes a clean proxy IP reputation and how to test proxies.
  • Be skeptical of prices that are too good to be true. Genuinely consented bandwidth costs money; pools that undercut everyone are often cutting the one corner that matters.

How SpyderProxy Sources Its Proxies

SpyderProxy is built the opposite way to a botnet. Our residential IPs come from ethically-sourced, opt-in networks where users knowingly consent to and are compensated for sharing a portion of their bandwidth — never from hijacked or malware-compromised devices. And because our pool spans several independent networksrotating residential, static residential (ISP), datacenter, and 4G/5G mobile — you are not dependent on any single pool that could be disrupted. The result is infrastructure that is both a clean conscience and genuinely resilient.

If you are re-evaluating your provider after the NetNut takedown, start with our NetNut alternative guide, or read up on whether proxies are safe and what a residential proxy actually is.

Frequently Asked Questions

What does "ethically sourced" mean for proxies?

It means the residential IPs in a proxy pool come from real users who knowingly opted in and are compensated for sharing a portion of their bandwidth, and who can opt out at any time. The opposite is a botnet, where malware conscripts devices without the owner's knowledge or consent.

How do residential proxies get their IPs?

Two ways: ethically, through opt-in apps and SDKs where users consent and are paid; or unethically, through malware that hijacks routers, phones, and IoT devices and resells their bandwidth without consent. The NetNut and 911 S5 takedowns are examples of the second model.

Are residential proxies legal?

Using residential proxies is legal, and scraping publicly accessible data is generally permissible. The legal and ethical risk is in the sourcing: if the pool is a botnet, your traffic routed through unknowingly-compromised devices, which is a liability. Choosing an ethically-sourced, opt-in provider removes that risk.

How can I tell if my proxy provider uses a botnet?

Ask where the IPs come from and whether users opt in and are compensated; look for a public sourcing statement; search for the provider's name alongside "botnet" or "seized"; and test a sample of exit IPs against reputation databases. Evasiveness, no opt-out for underlying users, and prices that are too good to be true are the main red flags.

Why does ethical sourcing matter for my business?

Beyond ethics, botnet-backed networks can be seized overnight and take your operation offline, expose you to legal and reputational risk, and hand you low-trust IP ranges shared with criminals. Ethically-sourced pools are more stable, cleaner, and increasingly required in enterprise vendor reviews.

Are SpyderProxy's proxies ethically sourced?

Yes. SpyderProxy's residential IPs come from opt-in networks where users consent to and are compensated for sharing bandwidth, not from hijacked devices, and our pool spans several independent networks for resilience.

Conclusion

The NetNut seizure made one thing clear: how a residential proxy network is sourced is not a footnote — it is the whole risk profile. Ethically-sourced, opt-in pools are stable, legal, and clean; botnet-backed pools are a time bomb. Ask the five questions, check the IP reputation, and be wary of prices that are too good to be true. A few minutes of vetting protects you from being the next provider's collateral damage.

Want proxies you never have to second-guess? Start with SpyderProxy residential proxies from $1.75/GB — ethically sourced, spread across multiple independent networks, in 195+ countries, and online right now.

Proxies You Never Have to Second-Guess

Ethically-sourced, opt-in residential IPs across multiple independent networks โ€” SpyderProxy from $1.75/GB in 195+ countries, online and ready now.