[LtWorf]

Wasn't the loopback address recently used maliciously?

[salawat]

Yes. Facebook/Meta was using a locally hosted proxy to get info smuggled back without using routes that are increasingly obstructed by things like ad blockers if I recall correctly.

https://securityonline.info/androids-secret-tracking-meta-ya...

Search string for DDG: Meta proxy localhost data exfiltration