The Popa botnet, an extensive Android-based network responsible for relaying Internet traffic from millions of consumer TV boxes, has been linked to Alarum Technologies, an Israeli company listed on NASDAQ. Over the past four years, this botnet has facilitated advertising fraud, account takeovers, and mass data scraping, raising red flags about the potential misuse of residential proxy services. Researchers from various security firms have unveiled these connections, indicating a troubling intersection between legitimate business operations and cybercriminal activities.
For businesses, especially those relying on digital advertising or consumer data, the implications are profound. Companies must be vigilant in their cybersecurity measures to mitigate risks associated with such botnets, which could potentially compromise sensitive user data or tarnish brand reputation. This revelation underscores the need for enhanced scrutiny of third-party service providers and a reassessment of risk management strategies in the face of sophisticated cyber threats. As the lines blur between legitimate tech services and malicious operations, understanding the landscape of cybersecurity becomes critical for organizations aiming to protect their assets and maintain consumer trust.
---
*Originally reported by [Krebs on Security](https://krebsonsecurity.com/2026/06/popa-botnet-linked-to-publicly-traded-israeli-firm/)*