9 million Android phones were secretly hijacked by proxy network
9 million Android phones were secretly hijacked by proxy network
Publish Date: 2026-01-30 10:28:00
Source Domain: www.pcworld.com
Summary created by Smart Answers AI
In summary:
- PCWorld reports that Google disrupted IPIDEA’s massive proxy network, which secretly hijacked 9 million Android phones through hidden SDKs in free apps.
- The Chinese company exploited these devices as gateways for data distribution and concealing criminal activities, including DDoS attacks via the Kimwolf botnet.
- Google obtained a federal court order to shut down IPIDEA’s operations, protecting millions of users from further device misuse and security breaches.
Google recently announced in a statement that it has disrupted the “world’s largest residential proxy network.” It was able to remain undetected for a long time, hijacking innocent users’ private devices (including smartphones, PCs, and smart home devices) and using them as gateways for distributing data.
The company explains that a Chinese company called IPIDEA was behind it and, with the help of a US federal court order, Google was able to shut down several websites and backend systems, thereby preventing the network from continuing to operate.
In short, a proxy server is like a relay that forwards requests and caches data. For example, suppose an attacker wants to launch a DDoS attack. Instead of attacking with their own traceable devices, the attacker could relay the attacks through a proxy network comprised of smartphones and devices owned by others, thus concealing their own identity.
According to Google, millions of devices belonged to IPIDEA’s proxy network, including at least 9 million Android smartphones.
How users end up in the proxy network
Most users ended up in IPIDEA’s network by installing free apps, games, and desktop software that contained hidden code snippets (known as SDKs) that aren’t recognized as malicious because they don’t restrict the use of the device. They do, however, allow access by third parties.
IPIDEA can therefore use these SDKs to turn an affected device into an exit node…
