spyderproxy

NetNut Seized by the FBI: The Best NetNut Alternative (2026)

D

Daniel K.

|
Published date

Wed Jul 01 2026

|8 min read

If you are a NetNut customer, your proxies have likely stopped working — and there is a serious reason why. In early July 2026, the FBI seized NetNut, one of the largest residential proxy providers, as part of an international operation that authorities say targeted a botnet of roughly two million compromised consumer devices. This guide explains exactly what happened, what it means for anyone who was routing traffic through NetNut, and the best ethical, reliable NetNut alternative to migrate to today.

What Happened to NetNut?

According to the FBI and reporting from KrebsOnSecurity, The Register, and others, the FBI seized hundreds of domains tied to NetNut in early July 2026. Visitors to NetNut's main domain are now met with an official law-enforcement seizure banner, credited to IRS Criminal Investigation alongside partners including Google, Lumen, and Shadowserver.

NetNut is operated by the publicly traded Israeli company Alarum Technologies (NASDAQ: ALAR). Investigators and security researchers have linked NetNut's network to the so-called "Popa" botnet — a collection of roughly two million consumer devices, from home routers to smart TVs, that were allegedly compromised by malware and turned into proxy exit nodes without their owners' knowledge or consent. Google's Threat Intelligence Group disabled the accounts and services the network used for command and control, and in a single week of June 2026 reported observing hundreds of distinct threat-actor clusters — including cybercriminal and state-sponsored espionage groups — using suspected NetNut exit nodes.

For its part, Alarum Technologies said it is aware of the action and stated it "will fully cooperate with law enforcement." The investigation is ongoing. But the practical reality for customers is immediate and simple: NetNut's infrastructure is seized, and it is not coming back.

Why This Matters for Anyone Using Proxies

The NetNut takedown is a wake-up call about how a residential proxy network sources its IP addresses. There are two ways to build a residential pool:

  • Ethically, with real consent — users opt in through a clearly disclosed app or SDK and are compensated for sharing a slice of their idle bandwidth.
  • Unethically, by hijacking devices — malware silently conscripts routers, phones, and IoT devices into a botnet, and their bandwidth is resold as "residential" proxies without the owner ever knowing.

If a network is built the second way, every request a customer sent was routed through a victim's compromised device. That carries three serious risks that just became very real for NetNut users:

  • Sudden shutdown. Botnet-backed infrastructure can be seized overnight with zero notice — taking your entire scraping or automation operation offline instantly, which is exactly what happened here.
  • Legal and reputational exposure. Routing your traffic through unknowingly-compromised devices is a liability most businesses would never knowingly accept.
  • Security and IP reputation. Sharing exit infrastructure with cybercriminals and espionage groups means your traffic mingled with malicious actors, and those IP ranges are now radioactive.

What to Do Right Now If You Used NetNut

  1. Stop routing production traffic through NetNut immediately. The endpoints are dead, and the infrastructure is under law-enforcement control.
  2. Do not wait for a "restoration." Seized domains and botnet infrastructure do not come back online for customers.
  3. Rotate any credentials or API keys you may have reused across services.
  4. Migrate to an ethically-sourced provider now so your projects keep running.

How to Choose a NetNut Alternative

Do not simply swap one opaque network for another. After a takedown like this, the criteria that matter are:

  • Ethical, opt-in sourcing. IPs should come from users who genuinely consented, not hijacked devices.
  • Transparency. A provider should be clear about how its pool is built.
  • Multi-network resilience. Depending on a single residential network is a single point of failure — and, as NetNut just proved, a single point of seizure. A provider that spans several independent networks keeps you online even if one is disrupted.
  • Uptime, support, and fair pricing. The basics still matter.

Why SpyderProxy Is the NetNut Alternative to Switch To

SpyderProxy is built the opposite way to a botnet: our residential IPs come from ethically-sourced, opt-in networks, and our pool spans several independent proxy types rather than one seizable network. That means when you migrate, you get both a clean conscience and real resilience.

  • Ethically-sourced residential — opt-in networks, not compromised devices.
  • Multiple independent networksrotating residential, static residential (ISP), datacenter, and 4G/5G mobile, so you are never dependent on a single pool.
  • Global coverage — millions of IPs across 195+ countries, HTTP(S) and SOCKS5, rotating and sticky sessions with city-level targeting.
  • Fair, transparent pricing — Budget Residential at $1.75/GB, Premium Residential at $2.75/GB, Static Residential (ISP) at $3.90/day, Static Datacenter at $1.50/proxy/month, and LTE Mobile at $2/IP.
  • Online and ready — migration takes minutes, not days.

For a full feature-by-feature breakdown, see our SpyderProxy vs NetNut comparison.

Migrating From NetNut Takes Minutes

There is no re-architecting involved — a residential proxy is a residential proxy. Sign up, generate your credentials in the dashboard, and point your code at the SpyderProxy endpoint:

import requests

# Swap your old NetNut endpoint for SpyderProxy
proxy = "http://USERNAME:[email protected]:12321"
proxies = {"http": proxy, "https": proxy}

r = requests.get("https://httpbin.org/ip", proxies=proxies, timeout=20)
print(r.json())

That is the whole migration for most setups: change the host, username, and password, and your scrapers, bots, and verification jobs keep running — on IPs that will not be seized out from under you.

Frequently Asked Questions

Is NetNut down?

Yes. In early July 2026 the FBI seized hundreds of NetNut domains as part of an operation targeting a large residential-proxy botnet, and the service is offline. Its main domain now displays a law-enforcement seizure notice.

Why was NetNut seized?

According to the FBI and security researchers, NetNut's network was linked to the "Popa" botnet — roughly two million consumer devices allegedly compromised by malware and used as proxy exit nodes without their owners' consent. The action was carried out by the FBI with partners including Google and Lumen. NetNut's parent, Alarum Technologies, says it is cooperating with investigators.

Is it safe to keep using NetNut?

No. The infrastructure is under law-enforcement control, the endpoints are down, and the network was tied to a criminal botnet. You should migrate to an ethically-sourced provider immediately and rotate any reused credentials.

What is the best NetNut alternative?

The safest choice is an ethically-sourced, multi-network provider so you are not exposed to a single seizable pool. SpyderProxy offers opt-in residential, static residential (ISP), datacenter, and 4G/5G mobile proxies across 195+ countries, with migration that takes minutes.

Are SpyderProxy's proxies ethically sourced?

Yes. SpyderProxy's residential IPs come from opt-in networks where users consent to and are compensated for sharing bandwidth — not from hijacked or malware-compromised devices.

How do I migrate from NetNut to SpyderProxy?

Sign up, generate your proxy credentials in the dashboard, and change your endpoint host, username, and password to the SpyderProxy values. For most scrapers and bots that is a one-line change, and everything keeps running.

Conclusion

The NetNut seizure is the clearest reminder yet that how a residential proxy network is sourced is not a footnote — it is the difference between infrastructure you can rely on and infrastructure that can vanish overnight under an FBI banner. If you were a NetNut customer, do not wait: your proxies are gone, and the fix is a quick migration to an ethical, resilient network.

Switch off NetNut today. Start with SpyderProxy residential proxies from $1.75/GB — ethically sourced, spread across multiple independent networks, in 195+ countries, and online right now.

Left Without Proxies? Migrate off NetNut Today

Ethically-sourced, multi-network proxies that won't be seized out from under you. SpyderProxy from $1.75/GB across 10M+ IPs in 195+ countries — online and ready now.