In a single seven-day period in January 2026, Google observed over 550 distinct threat groups using IPIDEA infrastructure to hide their activities, including state-sponsored operations from China, North Korea, Iran, and Russia.
These actors used the network to access victim software-as-a-service environments and on-premises infrastructure, and to conduct password spray attacks.
Google Threat Intelligence Group (GTIG) did not reveal who is behind IPIDEA, but the digital certificates the security researchers collected for their analysis carry Hong Kong business entity names.
The IPIDEA operators controlled at least 13 ostensibly independent proxy and virtual private network (VPN) brands, including IPIDEA, 360 Proxy, ABC Proxy, Luna Proxy, and PIA S5 Proxy.
By embedding software development kits (SDKs) into legitimate-looking applications, the operators were able to grow the network, turning users' devices into exit nodes that routed traffic through their internet connections.
Google identified over 600 Android applications and 3,075 Windows programs containing IPIDEA code.
Although GTIG said the operators behind the SDKs market them as ways for developers to monetise applications and "offer Android, Windows, iOS and [LG] webOS compatibility", the security researchers did not say whether Apple operating systems were affected as well.
Many applications masqueraded as utilities, games, or VPN services whilst secretly enrolling devices into the proxy network.
BREAKING -
Google agrees to $68m settlement over claims it recorded private conversations
For years smartphone users have suspected their device was up to something sneaky, now a $68 million move confirms it’s true - DEVELOPING