The Hacker News posted about this recent takedown (found here). Here is that short post.
The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan national behind the operation pleaded guilty.
“The botnet infrastructure had infected Windows systems then further expanded to infect Linux, Mac, and Android devices, victimizing computers and other electronic devices around the world, including in Asia, Europe, North America and South America,” the Department of Justice (DoJ) said in a press statement.
Sergei Makinin, who developed and deployed the malicious software to infiltrate thousands of internet-connected devices from June 2019 through December 2022, faces a maximum of 30 years in prison.
The Golang-based botnet malware, prior to its dismantling, turned the infected devices into proxies as part of a for-profit scheme, which was then offered to other customers via proxx[.]io and proxx[.]net.
“IPStorm is a botnet that abuses a legitimate peer-to-peer (p2p) network called InterPlanetary File System (IPFS) as a means to obscure malicious traffic,” cybersecurity firm Intezer noted in October 2020.
The botnet was first documented by Anomali in May 2019, and, over the years, broadened its focus to target other operating systems such as Linux, macOS, and Android.
Threat actors who wish to hide their malicious activities could purchase illegitimate access to more than 23,000 bots for “hundreds of dollars a month” to route their traffic. Makinin is estimated to have netted at least $550,000 from the scheme.
Pursuant to the plea agreement, Makinin is expected to forfeit cryptocurrency wallets linked to the offense.