Google Shuts Down World's Largest Residential Proxy Network and Highlights Major Cybersecurity Threats

On January 30, 2026, Google dismantled the world's largest residential proxy network by disabling domains used for its administration. These networks exploit compromised devices (such as IoT routers) or software voluntarily installed by users, often without their knowledge of malicious use. Unlike public Tor nodes, these proxies use residential IP addresses, making them difficult to detect. However, individual proxies remain active despite Google's action. A malicious campaign is targeting users of Claudebot (renamed Moldbot), with fraudulent Visual Studio Code extensions installing ScreenConnect, a remote access tool. Additionally, the antivirus eScan was compromised through its update infrastructure, allowing malware installation and software deactivation. Only a portion of clients was affected. A vulnerability in PyTorch, related to pickle file deserialization, enables arbitrary code execution via memory corruption, even with the weights only option enabled. Users are urged to update PyTorch and verify the source of downloaded models.