Google halts large-scale IPIDEA residential proxy network tied to malware
Google Threat Intelligence Group and partners disrupted IPIDEA's large residential proxy network, seizing domains and exposing trojanized Android apps and Windows binaries that turned devices into exit nodes used by thousands of threat groups for credential theft, account takeovers, and DDoS; IPIDEA operated about 19 brands under a two-tier C2 with ~7,400 second-tier servers; Google Play Protect now blocks IPIDEA SDKs; no arrests reported; users should avoid dubious free VPN/proxy apps.