Security news aggregator

Latest coverage for Seizure

Seizure concerns the confiscation or disruption of devices, systems, or data, with implications for digital evidence, service access, and incident response.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Seizure is the lawful taking or securing of devices, servers, domain names, accounts, cryptocurrency, or stored digital data by an authorized authority for an investigation or legal proceeding. In information-security reporting, the term usually concerns the acquisition of digital infrastructure or evidence, not a seizure-related medical event. Authorities may take physical equipment, redirect or disable online services, or obtain data from a provider under applicable legal process.

The security challenge is preserving evidence without changing it: investigators may document the chain of custody, isolate systems, and use forensic copies while protecting originals from alteration. Live systems can contain volatile evidence, while encryption, remote access, cloud tenancy, and deleted data complicate collection. Seized infrastructure may also contain unrelated customer or employee information, creating privacy and access-control obligations. For defenders, a seizure can interrupt services and signal an investigation; maintaining accurate asset ownership records, logs, backups, and documented legal or incident-response contacts helps establish what systems and data are affected.

Volume over time

Weekly headline count for the current query.

Showing 5 most recent headlines Filtered view
Krebs on Security 2 weeks, 1 day ago

FBI Seizes NetNut Proxy Platform, Popa Botnet

The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa botnet, a collection of at least two million devices that have been compromised by malicious software with little or no consent from victims.

Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025 KrebsOnSecurity story about how their hosting companies had assumed control over the technical infrastructure of Stark Industries Solutions, an Internet service provider sanctioned last year by the EU as a frequent staging ground for cyber mischief from Russia's intelligence agencies.

Krebs on Security 2 years, 1 month ago

Is Your Computer Part of ‘The Largest Botnet Ever?’

The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called "likely the world's largest botnet ever." The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various "free VPN" products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime.

Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with "dozens" of arrests in the United States and abroad targeting those who allegedly operated the service, as well as suppliers who continuously fed Genesis Market with freshly-stolen data.

Krebs on Security 3 years, 4 months ago

Who’s Behind the NetWire Remote Access Trojan?

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI). While the defendant in this case hasn’t yet been named publicly, the NetWire website has been leaking information about the likely true identity and location of its owner for the past 11 years.