Google Shuts Down Network That Hijacked 9M Devices
Google just took down what may be the world's largest residential proxy network, freeing millions of Android devices that were secretly being used by cybercriminals. The good news? Your phone can now automatically detect and remove these hidden threats.
Imagine your phone working perfectly fine while secretly helping criminals cover their tracks online. That nightmare scenario just ended for roughly 9 million people whose Android devices were hijacked without their knowledge.
Google's Threat Intelligence Group discovered and dismantled a massive network tied to a company called IPIDEA. The operation hid malicious code inside more than 600 seemingly innocent apps, from simple utilities to VPN tools, that people downloaded and trusted.
Here's how the scheme worked. When you installed one of these free apps, it did exactly what it promised. But behind the scenes, it quietly turned your device into a relay point for someone else's internet traffic. That meant cybercriminals could route their shady online activity through your home connection, making it look like you were the one doing it.
Most people never noticed anything wrong. Their apps worked normally, and their phones didn't suddenly crash or slow down. Meanwhile, their devices were being used to scrape websites, test stolen passwords, and mask criminal activity.
Google tracked the network's activity over seven days earlier this year and found something alarming. More than 550 separate threat groups were using IP addresses from this infrastructure, including organized cybercrime operations and state-linked actors.
The company took the fight to federal court and won permission to seize the domains controlling the infected devices. Working with partners like Cloudflare and other security firms, Google shut down the command systems that kept the network running.
The Bright Side
Google also updated Play Protect, the security system built into certified Android devices. Now your phone can automatically spot and remove apps containing these malicious code packages. It's like getting a vaccine that works while you sleep.
The company acknowledges that many infected apps came from outside the official Play Store, which means Play Protect couldn't always catch them. But the takedown itself broke the network's backbone, stopping the traffic flow that made the whole operation profitable.
Google's investigation revealed something important about staying safe. Many of these proxy services looked like separate companies but actually shared the same infrastructure. What appeared to be five different apps might all be funneling devices into the same criminal network.
The best protection moving forward is simple: stick to official app stores, avoid apps that promise money for sharing your internet connection, and pay attention to what permissions apps request. A flashlight app shouldn't need constant internet access.
This takedown proves that tech companies can effectively fight back against sophisticated threats when they commit resources to the problem.
More Images
Based on reporting by Fox News Latest Headlines (all sections)
This story was written by BrightWire based on verified news reports.
Spread the positivity! π
Share this good news with someone who needs it
