IPIDEA, one of the largest residential proxy networks used by threat actors, was disrupted earlier this week by Google Threat Intelligence Group (GTIG) in collaboration with industry partners.

The action included taking down domains associated with IPIDEA services, infected device management, proxy traffic routing. Additionally, intelligence has been shared on the IPIDEA software development kits (SDK) that distributed the proxying tool.

The operators of IPIDEA advertised it as a VPN service that “encrypts your online traffic and hides your real IP address,” used by 6.7 million users worldwide.