Google dismantles major residential proxy network to curb cybercrime and device abuse
Google said it has disrupted one of the world’s largest residential proxy networks, IPIDEA, by taking down key domains and blocking malicious apps, in a move aimed at protecting millions of consumer devices from cybercriminal abuse.
ADVERTISEMENT
Google said on Wednesday that it has taken coordinated action against one of the world’s largest residential proxy networks, IPIDEA, in a bid to prevent cybercriminals and state-sponsored hackers from exploiting millions of consumer devices.
Residential proxy networks enable attackers to route internet traffic through compromised home and mobile devices, allowing malicious activity to appear as if it originates from legitimate users. This technique helps attackers evade detection and bypass security systems while masking their true locations.
The latest operation was led by the Google Threat Intelligence Group, which pursued legal action to seize domains used to control infected devices. At the same time, Google rolled out automatic protections for Android users through Google Play Protect to block related threats, the company said in a blog post.
Also read: EU tightens scrutiny of Google under DMA with fresh focus on AI and search data
Google said its actions have significantly weakened IPIDEA’s infrastructure and business operations by sharply reducing the number of devices available to proxy operators. The company believes millions of compromised devices have effectively been removed from the network as a result of the takedown.
IPIDEA was found to be operating at least 13 different residential proxy brands, all of which have now been taken offline. These brands allegedly relied on infected consumer devices to sell proxy access to customers seeking to conceal their online activity.
As part of its investigation, Google identified more than 600 Android applications and over 3,000 unique Windows files linked to IPIDEA’s command-and-control systems. These apps and files were used to maintain access to compromised devices and route traffic through the proxy network.
Also read: Google promotes Jitendra Kumar to lead US agency partnerships for customer solutions
Google said the move underscores the growing threat posed by residential proxy services, which are increasingly abused for fraud, data theft, disinformation campaigns and other malicious operations. By disrupting the infrastructure behind such networks, the company said it aims to make large-scale cybercrime more difficult and costly to carry out.
