Edgar Cervantes / Android Authority
TL;DR
- Google has taken down what it believes to be the world’s largest residential proxy network.
- These networks allow bad actors to route their internet traffic through your phone, making it look like they’re browsing from your device instead of their own.
- Millions of Android devices have now been removed from this shady network.
Google says it has shut down a massive, invisible network that quietly used everyday phones, computers, and smart devices as rented internet gateways.
The company used a US federal court order to take down dozens of websites and backend systems belonging to a firm called Ipidea. Google says the China-based firm operates what it believes to be the world’s largest “residential proxy network.” In simple terms, these networks allow bad actors to route their internet traffic through your phone, making it look like they’re browsing from your device instead of their own.
The Wall Street Journal describes it as an Airbnb for your phone’s internet, except that in this case, you, the host, never knowingly signed up for the service.
Don’t want to miss the best from Android Authority?
Most people end up on Ipidea’s network by installing free apps, games, or desktop software that secretly include proxy code. Once that happens, someone else can route their internet traffic through your device, potentially using your IP address to hide shady or even criminal activity.
Google says Play Protect, Android’s built-in security protection, automatically warns users and removes applications that incorporate Ipidea SDKs, and blocks any future install attempts. However, since these SDKs are widely available to developers and Ipidea pays them per download, users might end up unknowingly installing apps that contain them.
“Once the SDK is embedded into an application, it will turn the device it is running on into an exit node for the proxy network in addition to providing whatever the primary functionality of the application was,” Google notes.
Last year, hackers found a flaw in millions of devices tied to Ipidea’s network. They hijacked at least two million systems, turning them into a gigantic botnet called Kimwolf, which was used to knock websites offline with massive denial-of-service (DDoS) attacks. Researchers have called it the most powerful botnet ever observed.
Approximately nine million Android devices have been removed from Ipidea’s shady network.
Google says Ipidea’s takedown should now disconnect millions of devices from its shady network. WSJ estimates that this includes approximately nine million Android devices. Google also removed hundreds of apps associated with Ipidea.
Meanwhile, Ipidea says it opposes any illegal activity and claims its services are intended for legitimate business use. A company spokesperson told WSJ that it previously used “aggressive” marketing tactics, including promotions in hacker forums, but said those practices have since stopped.
Still, Google and outside researchers say the risks to consumers, and even national security, were too high to ignore.
While Google’s move has cut off a big part of Ipidea’s network, experts say users should still be wary of installing free apps and games from unknown sources. Users should also carefully review app permissions and remove any apps they don’t recognize or no longer use.
Thank you for being part of our community. Read our Comment Policy before posting.
