Google Versus China’s Cyber Weapon
Authored by Anders Corr via The Epoch Times (emphasis ours)
Commentary
Google has sacked a Chinese company’s global proxy network, which constitutes part of a Chinese cyber weapon aimed at U.S. and allied critical infrastructure and telecommunications.
The company, Ipidea, allegedly has proxy malware that silently piggybacked on millions of legitimate software downloads by regular U.S. consumers to their phones, tablets, computers, televisions, and projectors. The internet bandwidth of these and other victims is then rented by such proxy networks to malign state actors, criminals, and others seeking to use the internet anonymously. Such networks are a national security threat of the greatest magnitude.
The Google takedown required a federal court order to remove dozens of the company’s domains and apps from approximately 9 million Android devices. Ipidea does not reveal the name of its CEO or headquarters location, which is somewhere in China. However, it does admit to operations in 220 countries using tens of millions of devices. Given the Chinese Communist Party’s (CCP’s) unprecedented surveillance in China, Ipidea likely has the full support of the regime. It could be a full-fledged Chinese intelligence operation.
The attacks are the tip of an iceberg that is sinking the privacy and security of American citizens, U.S. allies, and the future of democracy. One focus of CCP cyberattacks is hundreds of high-value critical infrastructure targets, such as municipal water companies, electricity plants, and ports. Another focus is on government operations, including the U.S. National Guard, National Nuclear Security Administration, and Congressional committees key to U.S. foreign and national security policy.
China’s hacker assaults are often given various storm names, such as Salt Typhoon and Volt Typhoon. They allegedly targeted approximately 200 U.S. companies and gathered the private data of almost all Americans. The targets include small municipal water and electric companies that have little or nothing to do with national security. They have no military bases or other sensitive sites nearby.
The only plausible reason for targeting such civilian infrastructure is to target civilians during a war, which is a violation of international norms. In some cases, exported devices and malware include the ability to hack hospitals or flood the water supply with poisonous treatment chemicals at high concentrations.
In December 2024, CCP representatives admitted hacking U.S. infrastructure, including ports and water utilities, to Biden administration officials. The regime representatives said the reason was U.S. support for Taiwan. This was probably a veiled threat against the United States to warn it off from support for Taiwan in case of war.
Hackers in China are similarly targeting the critical infrastructure of U.S. allies, like the United Kingdom, Australia, and Singapore. The hackers also target China’s allies, including Russia, to acquire data about the war in Ukraine. Battlefield data on the performance of different weapons systems is useful to Beijing’s military planning and armaments production. In the worst of cases, foreign weapons could be hacked and used against their own civilians.
Many Southeast Asian countries are also targets, and Taiwan’s chip industry is of particular interest.
In November, Anthropic revealed that state-sponsored hackers in China had used its AI technology in history’s first AI-powered hack, of about 30 U.S. companies and government agencies. The companies included technology, chemical, and financial companies. While Chinese agents allegedly directed and oversaw the attack, as much as 90 percent of it was carried out by Claude, Anthropic’s AI model, acting independently.
The latest Claude models require minimal programming by human coders as they can code programs themselves in response to normal language prompts by humans. The risk of this technology in the hands of a totalitarian state like China is incalculably high.
An international coalition of government cybersecurity agencies, including those from the United States, Canada, the United Kingdom, Germany, Italy, and Japan, is publicly identifying individual Chinese companies for their hacking activity and provision of cyber products to China’s military and intelligence agencies.
The warning focuses on Advanced Persistent Threat (APT) actors in China that target “telecommunications, government, transportation, lodging, and military infrastructure networks” globally. France was conspicuously absent as a signer. In 2024, China’s APT31 hacking group allegedly targeted seven French parliamentarians.
The coalition’s warning is good, but not nearly enough to stop China’s highly lucrative practice of hacking pretty much anyone and everyone. CCP hacking will continue to weaken the United States and its allies until direct repercussions are imposed, including through counter-hacking and other measures designed to inflict significant economic damage on the regime.
These repercussions should be at the all-of-China level, not against particular companies. Sanctioning individual companies is ineffective, as they simply do the bidding of the CCP. Real repercussions should instead be imposed on the almost $20.7 trillion Chinese economy, and its almost $1.2 trillion in annual international trade. This should ideally be done to the financial benefit of the United States and U.S. allies as a form of economic compensation for previous harms done by the CCP. These harms include the COVID-19 pandemic, the fentanyl crisis, and intellectual property theft. The longer America waits to act, the more powerful the CCP becomes.
Views expressed in this article are opinions of the author and do not necessarily reflect the views of The Epoch Times or ZeroHedge.
Tyler Durden
Mon, 02/09/2026 – 19:15
