Tag Archives: Midnight Blizzard hacking group

Who Rents Your Phone Behind your Back: Airbnbs of the Internet

On January 28, 2026, Google used a federal court order to get dozens of domains belonging to Ipidea removed from the internet… The mysterious Chinese company is an unsavory enterprise that sneaks unwanted and dangerous software on millions of phones, home computers and Android devices.

Control of the domains allowed Google to both shut down the public websites and technical back-end of the company, which operates using more than a dozen brand names. Google has also taken steps to remove hundreds of apps affiliated with the company from Android devices…The actions are expected to knock more than nine million Android devices off Ipidea’s network. They target a little known but important part of the internet that has increasingly worried cybersecurity experts.

Called “residential proxy” networks, these online services are built out of apps that are installed on virtually any type of internet-connected device—among them media players, PCs and mobile phones. Companies such as Ipidea then rent out access to the devices to paying customers who want to use the internet anonymously. The businesses operate like Airbnbs for network bandwidth, except the people whose devices are being rented out often don’t realize what is happening.

There are legitimate uses for Ipidea’s service, which can be used to surf the internet anonymously or to scrape websites for data…See Oxylabs…Residential proxies have also become a go-to service for criminals and state-sponsored hackers who want to cover their tracks, said John Hultquist, chief analyst with Google’s Threat Intelligence Group. “It’s a consumer issue and it’s a national-security issue at the same time,” he said. “It’s enabling some of the most serious threats to our country.”…

The Russia-linked hacking group known as Midnight Blizzard, blamed for a 2023 hack of Microsoft, used a residential proxy service to cover its tracks, Google said.

Excerpt from Robert McMillan, Google Aims Knockout Blow at Chinese Company Linked to Massive Cyber Weapon, WSJ, Jan. 28, 2026

How Russia Invaded Microsoft

Microsoft said in March 2024 that a Russian state-sponsored hacking group that stole information from its senior leadership team is still using that information to gain unauthorized access to its internal systems. The technology company disclosed in January 2024 that the group, which it has identified as Midnight Blizzard, had extracted information from a small percentage of employee email accounts, including members of its senior leadership team and employees in its cybersecurity and legal teams. Since that disclosure, the group has used that information to gain access to Microsoft’s source code repositories and internal systems. The volume of some aspects of the attack, including password sprays, jumped 10-fold in February compared with the already large volume Microsoft encountered in January, it said.

“Midnight Blizzard’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus,” Microsoft said. The company said that its investigations of Midnight Blizzard activities are continuing and that it is coordinating efforts with federal law enforcement. In an August 2023 blog post, Microsoft said it had detected Midnight Blizzard, previously known as Nobelium, launching targeted social-engineering attacks that used Microsoft Teams chats to phish for credentials. The former Nobelium group has been linked by U.S. authorities to the Foreign Intelligence Service of the Russian Federation and is known for its involvement in the massive SolarWinds hack of 2020.

Excerpts from Dean Seal, Microsoft Says Russian-Sponsored Hackers Still Using Stolen Information, WSJ, Mar. 9, 2024
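The two techniques these excerpts describe, password spraying and routing the attempts through a residential proxy pool so that no single address stands out, leave different shapes in sign-in telemetry. A spray from one address is caught by a per-IP threshold; a spray spread across rented residential addresses is not, and has to be detected at the tenant level by counting distinct accounts and distinct source addresses that fail together. The following is an added illustration, not Microsoft's or Google's detection logic: the log format, field names, thresholds and IP addresses (taken from the RFC 5737 documentation ranges) are assumptions constructed for this example.

```python
"""Password-spray detection over a constructed sign-in log (added example).

Two signals over a sliding time window:
  * classic spray: one source IP failing against many distinct accounts;
  * distributed spray: many distinct accounts failing from many distinct
    source IPs, with only one or two attempts per (ip, user) pair. That is
    what a spray routed through a residential proxy pool looks like, and
    what a per-IP lockout threshold misses.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (ISO timestamp, account, source IP, outcome).
# Not real telemetry; addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = [
    # Classic spray: one address, one guess per account, many accounts.
    ("2024-02-10T09:00:01", "alice",   "203.0.113.5",   "failure"),
    ("2024-02-10T09:00:07", "bob",     "203.0.113.5",   "failure"),
    ("2024-02-10T09:00:13", "carol",   "203.0.113.5",   "failure"),
    ("2024-02-10T09:00:19", "dave",    "203.0.113.5",   "failure"),
    ("2024-02-10T09:00:25", "erin",    "203.0.113.5",   "failure"),
    # Distributed spray: each account probed once from a different address,
    # so no single IP ever crosses a per-IP threshold.
    ("2024-02-10T11:00:02", "frank",   "198.51.100.10", "failure"),
    ("2024-02-10T11:00:09", "grace",   "198.51.100.23", "failure"),
    ("2024-02-10T11:00:15", "heidi",   "198.51.100.41", "failure"),
    ("2024-02-10T11:00:22", "ivan",    "198.51.100.57", "failure"),
    ("2024-02-10T11:00:30", "judy",    "198.51.100.88", "failure"),
    ("2024-02-10T11:00:36", "mallory", "198.51.100.91", "failure"),
    # Benign noise: one user mistypes a password twice, then succeeds.
    ("2024-02-10T14:30:00", "alice",   "192.0.2.77",    "failure"),
    ("2024-02-10T14:30:20", "alice",   "192.0.2.77",    "failure"),
    ("2024-02-10T14:30:45", "alice",   "192.0.2.77",    "success"),
]


def _failures(log):
    """Parse timestamps and keep only failed sign-ins, oldest first."""
    events = [(datetime.fromisoformat(ts), user, ip) for ts, user, ip, r in log
              if r == "failure"]
    return sorted(events, key=lambda e: e[0])


def _windows(fails, window):
    """Yield the failures inside [t, t + window) for each failure time t."""
    for i, (t0, _, _) in enumerate(fails):
        yield [e for e in fails[i:] if e[0] < t0 + window]


def classic_spray(log, window=timedelta(minutes=10), min_users=5):
    """Map each source IP that fails against >= min_users distinct accounts
    within one window to the set of accounts it touched."""
    hits = {}
    for win in _windows(_failures(log), window):
        by_ip = defaultdict(set)
        for _, user, ip in win:
            by_ip[ip].add(user)
        for ip, users in by_ip.items():
            if len(users) >= min_users:
                hits[ip] = hits.get(ip, set()) | users
    return hits


def distributed_spray(log, window=timedelta(minutes=10), min_users=5,
                      min_ips=5, max_per_pair=2):
    """Return (window_start, accounts, source_ips) for each window in which
    many accounts fail from many addresses with few tries per (ip, user)
    pair. Overlapping windows that fire are collapsed into one alert."""
    alerts = []
    alert_until = None
    for win in _windows(_failures(log), window):
        start = win[0][0]
        if alert_until is not None and start < alert_until:
            continue  # already covered by the previous alert
        pairs = defaultdict(int)
        for _, user, ip in win:
            pairs[(ip, user)] += 1
        users = {u for _, u in pairs}
        ips = {ip for ip, _ in pairs}
        if (len(users) >= min_users and len(ips) >= min_ips
                and max(pairs.values()) <= max_per_pair):
            alerts.append((start, users, ips))
            alert_until = start + window
    return alerts


if __name__ == "__main__":
    print("classic spray by IP:", classic_spray(SAMPLE_LOG))
    for start, users, ips in distributed_spray(SAMPLE_LOG):
        print(f"distributed spray at {start}: {len(users)} accounts "
              f"from {len(ips)} addresses")
```

On the constructed log the per-IP rule flags only 203.0.113.5, while the 11:00 burst from six residential-looking addresses is invisible to it and is caught only by the tenant-level rule. The thresholds here are illustrative; in production they would be tuned against the tenant's normal failure rate, and the distributed rule would typically be enriched with an IP-to-ASN or proxy-reputation lookup rather than relying on counts alone.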