Google has taken down IPIDEA, one of the world’s largest malicious proxy networks, cutting off infrastructure that cybercriminals used to hijack millions of computers and smartphones. The company says the network enabled criminals to create ‘secret tunnels’ to carry out crimes while hiding their true identity.
IPIDEA operated as a residential proxy network that routes internet traffic through third-party devices, often regular home computers and phones, to mask the initial source of the activity. While proxy services have legitimate uses, cybercriminals frequently abuse them to stay anonymous and evade detection.
According to Google, IPIDEA allowed attackers to secretly take control of people’s home internet connections. Criminal activity then appeared to come from ordinary users instead of the attackers themselves, making the operations difficult to trace.
Google says it took down IPIDEA’s online storefront and initiated legal action to stop the group from marketing or distributing its services to unsuspecting internet users. By removing the infrastructure behind the network, Google claims it effectively shut down a global marketplace that sold access to millions of compromised devices.
John Hultquist, chief analyst at Google Threat Intelligence Group, said residential proxy networks now power everything from espionage to large-scale criminal schemes. “By routing traffic through a person’s home internet connection, attackers can hide in plain sight,” Hultquist said in a Google blog post.
Also Read: How to Customize Google Search Results to Favour Trusted Websites
Google says it has updated Google Play Protect to automatically warn users if an app contains IPIDEA-related malicious code. The system will remove such apps or block them before installation.
Google advises users to never share internet access with untrusted apps or programs and to keep Play Protect enabled at all times. The company also says it has shared its findings with other tech firms to prevent the IPIDEA network from resurfacing elsewhere.