Google dismantles a giant network of hackers. It threatened Android users

Google informed about blocking the operation of the system known as IPIDEA. It was the world’s largest network of residential proxy servers. American giant took over dozens of domainsthat were used to manage this illegal practice.

Criminals used the seized devices for masking your traffic on the Internet. This made their activity appear as if it were coming from regular home Internet connections. This made it difficult for law enforcement agencies to track down the perpetrators of network attacks. Previously, this system was associated with the activity of the Kimwolf botnet.

The mechanism of infection was based on cooperation with unaware or greedy programmers. The developers of IPIDEA offered software development kits (SDKs). They paid developers to include them in the code of free games, VPN applications and desktop programs.

Many application developers have decided to take this step for easy money. They didn’t know that by installing their software, the user was turning his phone into a tool for criminals. The problem was largely related to the Android system that allows installing files from external sources.

According to Google’s analysis, the people behind this attack controlled many brands of VPN services. Although they appeared to be independent companies, they were actually run by the same group. This allowed for massive spread of malicious code on various platforms.

Google’s latest action has brought tangible results. Reports indicate that at least nine million devices were freed from the IPIDEA network. The Google Play Protect system has been updated and now automatically blocks the installation of any application containing detected code from this group.