The WSJ reports that Google has moved to seize dozens of domains belonging to IPIDEA, a Chinese residential proxy service and the largest by far with ~10M proxies for rent. Google has also taken steps to remove hundreds of apps affiliated with the company from Android devices.

wsj.com/tech/google-aims-knock

Earlier this month, we broke the news about how the world's biggest botnet -- Kimwolf -- grew very quickly to well more than 2 million devices by exploiting a weakness in IPIDEA that allowed them to probe the local networks of proxy endpoints, and infect unofficial Android devices like TV boxes.

krebsonsecurity.com/2026/01/th

IPIDEA's proxy service has become synonymous with these Android TV boxes, which generally come backdoored at purchase. According to Synthient, the proxy tracking startup that figured out how Kimwolf was spreading, the majority of traffic being funneled through IPIDEA proxies is for account takeover activity and ad fraud.

Here's the announcement from Google: cloud.google.com/blog/topics/t
