Google Just Took Down One Of The Biggest Security Risks To Android Users
Google has taken a huge leap forward in better securing millions of Android phones around the world. The company did so by disrupting what it calls the "largest residential proxy network in the world," a proxy network known as IPIDEA. Google reported in a new blog post that an order issued by a U.S. federal court has taken down dozens of different domains that helped power the IPIDEA backend.
The network, which was previously flagged for letting the malicious Kimwolf botnet use around 2 million of its devices, is believed to have infected millions of devices around the world through the installation of free games, VPN apps, and even desktop software that had the IPIDEA SDKs (software development kits) running within them. It has gained widespread distribution thanks to the efforts of the bad actors behind it, who have touted these shady SDKs as a way for developers to monetize their own applications. Developers are paid based on app installs once the SDK is integrated into their code, an arrangement that is often enticing for small and mid-size developers.
The entire system builds on something called a residential proxy network, which allows the bad actors behind the project to use any device the system is installed on as a proxy. That means the bad actors could make their internet traffic appear as if it were coming from the infected device instead of their own. The disruption of IPIDEA is huge, as Android's ability to sideload applications can make it easy to install free apps and games that might be infected with the SDK.
How to avoid IPIDEA-infected applications still out there
While Google is actively taking more measures to fully dismantle the system, the company says that users should continue to be cautious about where they download applications from. As part of the Google Play Store, Google's Play Protect helps protect Android devices from these kinds of issues. Google even claims that Play Protect will not let you install any application in which IPIDEA has been detected. As such, one of the easiest ways to protect yourself is to simply not download applications outside of the Play Store. Alternatively, if you prefer sideloading applications, never download apps from unknown sources and take advantage of developers that utilize Google's new app safety standards for third-party applications.
However, it is important to note that while Google has taken huge strides toward dismantling IPIDEA, the system is not completely dead just yet, which is why downloading any risky applications is one of the top things to never do on your Android smartphone. Overall, reports even suggest that at least nine million devices have been freed from the IPIDEA network with Google's most recent efforts, which is a huge step in the right direction.
Google says that its analysis of the IPIDEA network found that several independent proxy and VPN brands were controlled by the same people, despite appearing as separate entities. Moreover, they appear to have control of several domains related specifically to software development kits, which is why the network has become pervasive across Android phones and desktops alike. While the battle is far from over, it sounds like Google has taken a nice chunk out of IPIDEA's network, and at least some Android users can rest easy knowing their devices — and thus their privacy — are safer now.