Home / Technology / Free VPNs Hijacked Your PC for Cybercrime
Free VPNs Hijacked Your PC for Cybercrime
30 Jan
Summary
- Over 550 hacking groups used a VPN network for illicit activities.
- Free VPNs like Galleon and Radish turned user PCs into proxy nodes.
- Google disrupted the IPIDEA network, seizing domains and millions of IPs.
A vast network of free VPNs and proxy services, including Galleon VPN and Radish VPN, has been uncovered by Google as a major tool for cybercrime. These services, part of the IPIDEA proxy network, were used by over 550 hacking groups to mask their malicious activities by hijacking millions of legitimate IP addresses. The network operated by sourcing IP addresses from users of these free services, many of whom were unaware their devices were acting as nodes.
Google's investigation found that the IPIDEA network was sourcing IP addresses illicitly, turning user PCs into proxy nodes without clear disclosure. This network also utilized software development kits embedded in over 600 mobile apps, further expanding its reach. Hackers leveraging IPIDEA could mask their activities, making detection difficult for network defenders, and even access users' private devices on the same network.
The IPIDEA network, reportedly linked to Chinese entities, was used by threat actors from China, Russia, North Korea, and Iran for espionage, crime, and information operations. Google has taken legal action to disrupt the network, seizing key domains and significantly reducing the pool of compromised devices. This action has impacted millions of Android devices, with industry partners also joining the crackdown.
