Google says it has disrupted and removed domains belonging to IPIDEA, which is considered one of the biggest malicious networks in the world. The company says it disrupted a proxy network that was used by bad actors to hijack millions of computers and phones to create “secret tunnels” for conducting criminal activity.
Notably, proxy networks act as intermediaries between users and the internet by routing traffic through third-party devices, effectively hiding the real origin of activity. The feature is often abused by cybercriminals to stay anonymous and conduct malicious activity without directly exposing their own systems.
What did Google stop?
Google said it disrupted IPIDEA by taking down its online storefront and taking the company to court to make sure it can’t market or distribute its services targeting unsuspecting internet users.
The tech giant says the IPIDEA network allowed bad actors to hijack people’s home internet connections to conduct criminal activity that couldn’t be traced back to them.
This setup allowed attackers to “hide in plain sight” by making it appear as if their criminal activity was coming from a regular user’s device rather than their own, making them essentially untraceable.
John Hultquist, Chief Analyst at Google Threat Intelligence Group, in a blog post by the company said, “Residential proxy networks have become a pervasive tool for everything from high-end espionage to massive criminal schemes. By routing traffic through a person’s home internet connection, attackers can hide in plain sight.”
“By taking down the infrastructure used to run the IPIDEA network, we have effectively pulled the rug out from under a global marketplace that was selling access to millions of hijacked consumer devices,” he added.
Google also said that to protect Android users, it is updating Google Play Protect to automatically warn users if an app contains malicious IPIDEA code and remove it from their device or block it from being installed.
The company also says that it has shared its research with other companies to make sure IPIDEA does not grow back.
How to stay safe?
Google has highlighted the need for users to never share their internet access with untrusted programs. It is also a good idea to always keep Google Play Protect turned on on your device.
Moreover, the company also pushes important protections against cyberattacks via its monthly security updates, so if you haven’t already updated your phone, make sure to update it to the latest version.
