Close Menu
    Latest Post

    Suspected Russian Actor Linked to CANFAIL Malware Attacks on Ukrainian Organizations

    February 22, 2026

    Trump Reinstates De Minimis Exemption Suspension Despite Supreme Court Ruling

    February 22, 2026

    How Cloudflare Mitigated a Vulnerability in its ACME Validation Logic

    February 21, 2026
    Facebook X (Twitter) Instagram
    Trending
    • Suspected Russian Actor Linked to CANFAIL Malware Attacks on Ukrainian Organizations
    • Trump Reinstates De Minimis Exemption Suspension Despite Supreme Court Ruling
    • How Cloudflare Mitigated a Vulnerability in its ACME Validation Logic
    • Demis Hassabis and John Jumper Receive Nobel Prize in Chemistry
    • How to Cancel Your Google Pixel Watch Fitbit Premium Trial
    • GHD Speed Hair Dryer Review: Powerful Performance and User-Friendly Design
    • An FBI ‘Asset’ Helped Run a Dark Web Site That Sold Fentanyl-Laced Drugs for Years
    • The Next Next Job, a framework for making big career decisions
    Facebook X (Twitter) Instagram Pinterest Vimeo
    NodeTodayNodeToday
    • Home
    • AI
    • Dev
    • Guides
    • Products
    • Security
    • Startups
    • Tech
    • Tools
    NodeTodayNodeToday
    Home»Security»Google’s Disruption Removes Millions of Devices from Malicious Proxy Network
    Security

    Google’s Disruption Removes Millions of Devices from Malicious Proxy Network

    Samuel AlejandroBy Samuel AlejandroJanuary 31, 2026No Comments3 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    src vot4wm featured
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Image of global data networks

    Getty Images

    Millions of devices, previously exploited as proxies by cybercriminals, espionage groups, and data thieves, are no longer in use after Google targeted IPIDEA, a China-based residential proxy network. Google’s Threat Intelligence Group (GTIG) initiated legal actions and shared intelligence to disrupt the company’s domain infrastructure, as detailed in a recent blog post.

    This operation, supported by Cloudflare, Lumen’s Black Lotus Labs, and Spur, damaged a portion of IPIDEA’s proxy infrastructure. Such coordinated efforts against malicious networks demonstrate the persistent challenge faced by threat intelligence teams in dismantling extensive and evolving cybercriminal operations.

    Early reports suggest a reduction of approximately 40% in IPIDEA’s proxy network.

    Chris Formosa, a senior lead information security engineer at Lumen Technologies’ Black Lotus Labs, noted that around 5 million unique bots were still communicating with IPIDEA’s command and control servers, indicating the network retains a significant volume of proxies.

    Before the domain takedowns, Lumen observed an average of 8.5 million proxies daily connecting to IPIDEA’s servers. Formosa estimated the actual number of proxies was likely between 10-11 million, with Lumen’s visibility capturing 8.5 million.

    Google researchers identified multiple proxy and VPN brands that appeared independent but were actually controlled by IPIDEA. Investigations revealed several domains owned by IPIDEA that supported SDKs for residential proxies, which were integrated into existing applications.

    Developers incorporating these SDKs into their applications receive payment from IPIDEA, usually per download. According to Google’s report, these SDKs are crucial for residential proxy networks, as the software they are embedded in supplies network operators with the vast number of devices required to sustain such a network.

    While residential proxy networks can have legitimate uses, researchers have consistently warned that unethical or criminal entities exploit these networks to create and maintain botnets, conduct cybercrime, engage in espionage, and facilitate other harmful activities.

    Charley Snyder, a senior manager at GTIG, stated that the residential proxy industry is growing quickly, with GTIG’s research suggesting that most of this expansion is driven by malicious applications. GTIG’s findings indicate that these proxies are predominantly misused by malicious actors.

    Many service providers are reportedly bundling proxy malware within software downloads, leading users to unknowingly allow proxy networks to commandeer their internet bandwidth for concealing cybercrime.

    Earlier this month, Google detected over 550 distinct threat groups, including those from China, North Korea, Iran, and Russia, utilizing IP addresses identified as IPIDEA exit nodes over a week. These groups reportedly accessed victim cloud environments, on-premises infrastructure, and launched password-spray attacks.

    Security teams and cyber authorities are increasingly focusing on the underlying systems and infrastructure that facilitate cybercrime, aiming to restrict resources and intensify pressure on these illicit operations.

    Snyder explained that by targeting the tools criminals employ, rather than solely the criminals, defenders can inflict substantial, difficult-to-recover costs on the cybercrime ecosystem.

    Google’s actions successfully cut the command-and-control connections between operators and millions of devices, and dismantled associated storefronts, thereby undermining IPIDEA’s efforts to build brand recognition and market presence.

    Despite Google’s significant impact on IPIDEA’s infrastructure, the broader struggle against this company and similar entities persists.

    Snyder described the ecosystem as highly complex, involving numerous brands and shell entities. He acknowledged the disruption’s significance but emphasized that the ecosystem’s reliance on anonymity and shared resources means it has endured previous takedowns, indicating ongoing efforts are necessary.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticlePinterest Announces Layoffs, Shifts Focus to AI Development
    Next Article Roland’s TR-1000 is the ultimate drum machine
    Samuel Alejandro

    Related Posts

    Security

    Suspected Russian Actor Linked to CANFAIL Malware Attacks on Ukrainian Organizations

    February 22, 2026
    Guides

    How to Cancel Your Google Pixel Watch Fitbit Premium Trial

    February 21, 2026
    Security

    An FBI ‘Asset’ Helped Run a Dark Web Site That Sold Fentanyl-Laced Drugs for Years

    February 21, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Latest Post

    ChatGPT Mobile App Surpasses $3 Billion in Consumer Spending

    December 21, 202513 Views

    Creator Tayla Cannon Lands $1.1M Investment for Rebuildr PT Software

    December 21, 202511 Views

    Automate Your iPhone’s Always-On Display for Better Battery Life and Privacy

    December 21, 202510 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    About

    Welcome to NodeToday, your trusted source for the latest updates in Technology, Artificial Intelligence, and Innovation. We are dedicated to delivering accurate, timely, and insightful content that helps readers stay ahead in a fast-evolving digital world.

    At NodeToday, we cover everything from AI breakthroughs and emerging technologies to product launches, software tools, developer news, and practical guides. Our goal is to simplify complex topics and present them in a clear, engaging, and easy-to-understand way for tech enthusiasts, professionals, and beginners alike.

    Latest Post

    Suspected Russian Actor Linked to CANFAIL Malware Attacks on Ukrainian Organizations

    February 22, 20260 Views

    Trump Reinstates De Minimis Exemption Suspension Despite Supreme Court Ruling

    February 22, 20260 Views

    How Cloudflare Mitigated a Vulnerability in its ACME Validation Logic

    February 21, 20260 Views
    Recent Posts
    • Suspected Russian Actor Linked to CANFAIL Malware Attacks on Ukrainian Organizations
    • Trump Reinstates De Minimis Exemption Suspension Despite Supreme Court Ruling
    • How Cloudflare Mitigated a Vulnerability in its ACME Validation Logic
    • Demis Hassabis and John Jumper Receive Nobel Prize in Chemistry
    • How to Cancel Your Google Pixel Watch Fitbit Premium Trial
    Facebook X (Twitter) Instagram Pinterest
    • About Us
    • Contact Us
    • Privacy Policy
    • Terms & Conditions
    • Disclaimer
    • Cookie Policy
    © 2026 NodeToday.

    Type above and press Enter to search. Press Esc to cancel.