Danny Weber
19:07 29-01-2026
© RusPhotoBank
Google has shut down the Ipidea proxy network that secretly used millions of Android devices, exposing risks of fraud and cyberattacks. Learn how to protect your device.
Google has announced the takedown of a major shadow network that was secretly operating on millions of Android devices worldwide. The company stated that, with the help of a U.S. federal court order, it managed to shut down the infrastructure of the Chinese firm Ipidea, described as the world's largest proxy network. Such networks enable malicious actors to route their internet traffic through other people's smartphones and smart devices, making it appear as if they are accessing the web from the victim's device rather than their own.
Essentially, users were completely unaware that their phones could become rented access points. The Wall Street Journal compared this scheme to an Airbnb for internet connections, with the key difference being that individuals did not consent to participate in the service. Devices were enrolled into the network through free apps, games, or programs that developers had equipped with specialized software modules.
Google explains that after integrating Ipidea's SDK, a device would turn into a so-called exit node, allowing external requests to pass through. This opened the door for using the smartphone owner's IP address to conceal fraud, illegal activities, or cyberattacks. Play Protect has already started automatically warning users, removing such apps, and blocking reinstallations. However, the problem was extensive because Ipidea paid developers for each download.
Particular concern arose from an incident last year when hackers discovered a vulnerability in millions of devices linked to this network and managed to hijack at least two million systems. They transformed them into a massive botnet called Kimwolf, which was used for powerful DDoS attacks that knocked websites offline. Researchers labeled it one of the strongest botnets ever recorded.
According to WSJ estimates, shutting down Ipidea's infrastructure affected around nine million Android devices, and Google additionally removed hundreds of apps associated with this scheme. Ipidea representatives claim their service was intended for legitimate business, though the company had previously even promoted itself on hacker forums. Experts, however, believe the risks to users and even national security were too significant.
Google reminds users to exercise caution when installing free apps from questionable sources, carefully review permissions, and remove programs they no longer use to reduce the likelihood of hidden infections.