U.S. Takes Down IPStorm Botnet

U.S. Takes Down IPStorm Botnet

The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan national behind the operation pleaded guilty.

“The botnet infrastructure had infected Windows systems then further expanded to infect Linux, Mac, and Android devices, victimizing computers and other electronic devices around the world, including in Asia, Europe, North America and South America,” the Department of Justice (DoJ) said in a press statement.

The Golang-based botnet malware, prior to its dismantling, turned the infected devices into proxies as part of a for-profit scheme, which was then offered to other customers via proxx[.]io and proxx[.]net.

“IPStorm is a botnet that abuses a legitimate peer-to-peer (p2p) network called InterPlanetary File System (IPFS) as a means to obscure malicious traffic,” cybersecurity firm Intezer noted in October 2020.

The botnet was first documented by Anomali in May 2019, and, over the years, broadened its focus to target other operating systems such as Linux, macOS, and Android.

“Our initial research back in 2020 uncovered valuable clues to the culprit behind its operation, and we are extremely pleased it helped lead to arrests. This investigation is another primary example of law enforcement and the private cybersecurity sector working together to shut down illegal online activities and bring those responsible to justice.”

Source: https://thehackernews.com/