LG and Samsung Smart TV Apps Using Residential Proxy SDKs
Nearly half of the apps on LG and Samsung smart TVs are selling access to users' residential IP addresses. A security scan of 6,038 apps across these platforms revealed that 2,058 contained residential proxy SDKs—software that allows third parties to route their internet traffic through a user's home network.
The Appeal of Smart TVs as Proxy Hosts
Smart TVs are ideal targets for residential proxy networks because they are viewed as furniture rather than computers. Unlike smartphones, TVs lack battery drain indicators or cellular data spikes that would alert a user to background activity. Because they remain plugged in and connected to the internet for years, they provide a stable, persistent connection for proxy providers.
How Proxy SDKs are Monetized
Developers embed proxy SDKs to generate revenue without degrading the user experience with intrusive advertisements. This is particularly common in "shovelware" apps—such as clocks, fish tanks, and simple games—where the primary product is not the app itself, but the residential IP address of the user.
In many cases, the proxy companies themselves act as the publishers. For example, Bright Data, Bright Data Ltd, and Bright SDK were found to be the publishers of 367 proxy-flagged apps in the dataset. Honeygain UAB (a subsidiary of Oxylabs) was the publisher for another 16.
Consent and the "Background Clause"
While these SDKs often present a consent prompt, the prompts are frequently designed to be navigated quickly via remote control. A critical component of these prompts is the "background clause," which explicitly states that the proxy service can continue to run even after the app is closed. This ensures the proxy remains active while the user is no longer interacting with the app.
Some apps use a "monetization fork," where users are given a choice between an ad-supported version of the app or consenting to the proxy SDK to remove ads. For instance, the Pac-Man game on Tizen frames the Bright Data SDK as the ad-free option.
Security Risks to Home Networks
Turning a smart TV into a proxy endpoint creates a significant security vulnerability. If the proxy provider's filtering fails or if they intentionally allow requests to private IP addresses, the TV becomes a foothold for attackers to reach internal network devices, such as router admin panels, NAS devices, and cameras.
Technical analysis shows varying levels of protection:
- Bright Data: Includes an explicit blocklist for private/local ranges (e.g., 192.168.0.0/16).
- Massive and Honeygain/Oxylabs: The analysis did not find a comparable private-range blocklist in the local samples, meaning the boundary is enforced by the provider's server-side policy rather than technical SDK constraints.
This risk is highlighted by the 2026 report on the Kimwolf botnet, which abused residential proxy networks to tunnel back into local networks to spread malware.
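The kind of private-range destination check described above can be sketched as follows. This is an added example, not code from Bright Data's or any other vendor's SDK; the ranges beyond 192.168.0.0/16, the function names and the sample destinations are assumptions made for illustration.

```python
import ipaddress

# Destinations an exit node should refuse to forward to. 192.168.0.0/16 is the
# range named in the article; the others are standard reserved ranges picked
# for this example and are not any vendor's actual list.
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
)]


def is_local_destination(addr: str) -> bool:
    """Return True if the destination must be refused (fails closed)."""
    try:
        ip = ipaddress.ip_address(addr.strip())
    except ValueError:
        # Hostnames, integer or hex encodings: refuse instead of guessing.
        return True
    # An IPv4-mapped IPv6 address carries an IPv4 target; check that target.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETS if net.version == ip.version)


def refused(destinations):
    """Return the subset of destinations the check would refuse."""
    return [d for d in destinations if is_local_destination(d)]


# Constructed sample destinations, not taken from any real traffic.
SAMPLE = ["8.8.8.8", "192.168.1.1", "172.32.0.1", "::ffff:10.0.0.5",
          "100.64.0.1", "fe80::1", "2001:4860:4860::8888", "2130706433"]

if __name__ == "__main__":
    for d in SAMPLE:
        print(f"{d:24} {'REFUSE' if is_local_destination(d) else 'allow'}")
```

A check like this only holds if it is applied to the address actually connected to, after name resolution, rather than to the hostname the client supplied.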
Platform Policy Gaps
There is a significant disparity in how TV platforms handle these SDKs. Amazon's Device and System Abuse Policy explicitly prohibits apps that facilitate proxy services for third parties. Roku also reportedly blocks developers from using Bright SDK and similar services.
In contrast, LG (webOS) and Samsung (Tizen) have no such public policies, allowing these apps to persist at scale.
Vendor Responses
Proxy providers maintain that their networks are legitimate and secure:
- Bright Data emphasizes a framework of transparent sourcing and vetting for business and journalistic purposes.
- Massive states that technical controls are primarily server-side and that users undergo a Know Your Customer (KYC) process.
- Oxylabs reports that it restricts local network access through infrastructure-level filtering and third-party security audits.
Community Insights and Mitigation
Users and security professionals on Hacker News suggest several ways to mitigate these risks:
"Never ever connect your 'Smart'-TV to your network, or if you have an incurable impulse to then make sure it's on a firewalled gateway-less VLAN."
Other recommended strategies include:
- Using a "dumb" TV: Disabling WiFi and using a dedicated external streaming device (e.g., Apple TV) to handle all smart features.
- DNS Filtering: Implementing Pi-hole or OPNsense to block data collection and enforce DNS requests.
- Jailbreaking: Using modified firmware to remove manufacturer-installed bloatware and tracking.
Conclusion
Residential proxy infrastructure is being embedded in consumer devices that users do not perceive as computers. While proxy providers argue that their customer vetting and server-side controls reduce risk, the fundamental vulnerability remains: a household's internet connection is being leveraged by third parties through a device that lacks the transparency and auditing tools available on traditional computers.