Google recently made headlines by shutting down what they described as the world’s largest residential proxy network, allegedly operated by Chinese company IPIDEA. This network reportedly hijacked around nine million Android devices, as well as computers and smart home products. The discovery was first reported by PC-Welt.
The hijacking of these devices was facilitated by hidden code libraries, known as SDKs, embedded in over 600 free apps and programs. When users installed these apps, their devices could be used as exit nodes in a proxy network without their knowledge.
This allowed cybercriminals to carry out activities such as hiding their identity, forwarding traffic, and launching denial-of-service (DoS) attacks, all without the device owners being aware of anything suspicious happening.
With the support of a federal court ruling in the United States, Google took action to shut down IPIDEA’s websites and underlying systems, effectively putting an end to further abuse. The company emphasized the importance of avoiding third-party app stores and relying on Google’s Play Protect security features to detect and block hidden SDKs in apps installed from the Play Store.
While IPIDEA claims that the service was intended for legitimate business purposes, they acknowledge that criminal actors have exploited the network for malicious activities.
To protect yourself and your devices from similar threats, it is recommended to be cautious of apps that offer payment in exchange for sharing your unused bandwidth or internet connection. Only download apps from official stores, carefully review permissions requested by apps, VPNs, and proxies, utilize Google Play Protect to check your apps, and purchase smart home devices from reputable manufacturers.
This article was originally published on PC för Alla and has been translated and adapted from Swedish.
