Bottom line: Bright Data integrates an SDK into free apps that repurposes smart TVs and smartphones as exit nodes for a global proxy network with 400 million IP addresses without sufficient transparency—even when VPN connections are active.
A software kit from data company Bright Data transforms free consumer apps on smart TVs and smartphones into proxy servers for web-scraping operations—without explicit user control. Security researchers from Include Security and Buchodi document how a minimum of 150 million residential IP addresses stem from this network.
The investigation by Include Security and independent researcher Buchodi reveals a structural business model: Bright Data embeds its software development kit (SDK) into free applications for mobile devices and smart TVs. Users who open these apps implicitly consent to the SDK connecting to Bright Data servers. The device then receives work instructions without deeper authentication and forwards third-party traffic via the user’s home internet connection—it becomes an exit node in a global proxy network. Bright Data primarily markets this network to companies in the AI industry for training models. The overall network comprises around 400 million residential IP addresses, of which at least 150 million originate from this app pool.
Code analysis of the iOS client reveals critical transparency deficits: data traffic undergoes no standard security checks, is not captured by standard monitoring tools, and actively bypasses configured VPN connections on iPhones. The service runs unnoticed in the background and only stops when battery charge drops critically low. The apps’ consent dialogs provide an insufficient picture of actual data usage. For example, a Roku application called Petflix announced that the device and network would be used only “occasionally.” However, the SDK’s default configuration permits up to 200 gigabytes of data volume per month per device—and exceeds this in countries like Uzbekistan and Oman. The SDK can also technically link multiple devices belonging to the same user.
Bright Data is the successor company to the Luminati service, which emerged from the Hola VPN network. As early as 2015, it was documented that Hola resold the bandwidth of free users without their knowledge at a price of 20 US dollars per gigabyte. The current business model gains relevance through the enormous data needs of the AI industry. Since modern anti-bot protection measures from providers like Cloudflare and DataDome block access from data centers, AI scraper operators resort to regular private internet connections.
Platform operators such as Google, Amazon, and Roku have since imposed restrictions on proxy SDKs, whereupon Bright Data discontinued support for these systems. In current specifications, however, the operating systems Tizen (Samsung) and webOS (LG) continue to be listed as supported. To mitigate, the report recommends blocking specific connection addresses at the router level using tools such as Pi-hole or NextDNS. Relevant domains include proxyjs.brdtnet.com, proxyjs.luminatinet.com, and proxyjs.bright-sdk.com.
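Before or alongside blocking, a DNS query log shows which devices on the home network actually look up the listed domains. The following is an added example, not part of the original report: it assumes the dnsmasq-style query log lines that Pi-hole writes, and the sample lines, client addresses and the `cdn.` subdomain are constructed for illustration.

```python
import re
from collections import defaultdict

# Hostnames named in the article as relevant SDK endpoints.
BLOCKED = ("proxyjs.brdtnet.com", "proxyjs.luminatinet.com", "proxyjs.bright-sdk.com")

# Assumed log line shape (dnsmasq / Pi-hole): "... query[A] <name> from <client>"
QUERY_RE = re.compile(r"query\[[A-Za-z0-9]+\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)")

def matches_blocked(name):
    """Return the listed hostname that `name` equals or is a subdomain of, else None."""
    name = name.rstrip(".").lower()          # DNS names are case-insensitive
    for host in BLOCKED:
        if name == host or name.endswith("." + host):
            return host
    return None

def clients_querying_sdk(log_lines):
    """Map each client address to {listed hostname: number of queries}."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_lines:
        m = QUERY_RE.search(line)
        if not m:
            continue                          # forwarded/reply lines, other noise
        host = matches_blocked(m.group("name"))
        if host:
            hits[m.group("client")][host] += 1
    return {client: dict(counts) for client, counts in hits.items()}

# Constructed sample log lines (not taken from any real network).
SAMPLE_LOG = [
    "Jun 13 10:01:02 dnsmasq[811]: query[A] proxyjs.brdtnet.com from 192.168.1.23",
    "Jun 13 10:01:02 dnsmasq[811]: forwarded proxyjs.brdtnet.com to 9.9.9.9",
    "Jun 13 10:01:05 dnsmasq[811]: query[AAAA] PROXYJS.Bright-SDK.com. from 192.168.1.23",
    "Jun 13 10:02:11 dnsmasq[811]: query[A] cdn.proxyjs.luminatinet.com from 192.168.1.40",
    "Jun 13 10:02:30 dnsmasq[811]: query[A] notproxyjs.brdtnet.com from 192.168.1.50",
    "Jun 13 10:03:00 dnsmasq[811]: query[A] example.org from 192.168.1.40",
]

if __name__ == "__main__":
    for client, counts in sorted(clients_querying_sdk(SAMPLE_LOG).items()):
        for host, n in sorted(counts.items()):
            print(f"{client} queried {host} {n}x")
```

A client that appears in the output is a candidate for closer inspection of its installed apps; matching on the label boundary avoids flagging unrelated names that merely end in the same characters.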
Source: www.it-daily.net · Published June 13, 2026
Lumi AI News — AI-assisted curation in accordance with Art. 50 EU AI Act. Paraphrase and classification through Lumi News Pipeline v1.7.1.