Millions Hijacked: Apps Secretly Fuel Cybercrime Network
27 Feb
Summary
- Google disrupted a proxy network using 9 million Android devices.
- Hidden software kits in over 600 apps enabled the hijacking.
- Malicious traffic was masked as legitimate consumer activity.

Google's Threat Intelligence Group has successfully disrupted a massive residential proxy network that illicitly utilized around 9 million Android devices. This network, tied to a company named IPIDEA, operated discreetly by embedding software development kits within more than 600 diverse applications.
These compromised apps functioned normally while enrolling devices into the proxy network without user awareness. The enrolled devices then served as relays for external internet traffic, including data scraping and traffic that masked criminal activities. This made malicious operations appear to originate from ordinary home IP addresses.
Google took legal measures in a U.S. federal court to seize control domains and collaborated with security firms to dismantle the network's command-and-control infrastructure. Play Protect was updated to identify and remove offending apps, though risks persist with apps downloaded outside the official Google Play Store.
IPIDEA claimed legitimate business purposes, but Google's findings indicate extensive criminal exploitation. The investigation revealed overlapping services, making it difficult for consumers to discern safe applications. Users are advised to download apps only from trusted sources, scrutinize permissions, and keep devices updated to mitigate such risks.



