Lord777
Professional
- Messages
- 2,578
- Reaction score
- 1,532
- Points
- 113
The FBI eliminated the IPStorm botnet and its infrastructure after the IPStorm owner made a deal with the investigation in September. The US Department of Justice announced the dismantling of the IPStorm botnet infrastructure, which affected thousands of Linux, Mac and Android devices across Asia, Europe, North and South America.
The botnet was first spotted by researchers in June 2019, primarily targeting Windows systems. It attracted the attention of specialists by using the IPFS protocol for communicating with infected systems and transmitting commands. It is noted that the number of infected systems has increased from about 3,000 in May 2019 to more than 13,500 by 2020.
The US Department of Justice announced that the botnet owner pleaded guilty on September 18 to three hacking charges, each of which carries a maximum penalty of 10 years in prison. According to the Justice Department, the defendant developed and distributed malware from June 2019 to December 2022, infecting thousands of Internet-connected devices around the world.
The main purpose of the botnet was to turn infected devices into proxy servers, which were accessed through the owner's own websites. Customers paid hundreds of dollars a month for access to managing infected devices. The criminal himself told the authorities that he earned at least $550,000 from his scheme and agreed to transfer all the earned cryptocurrency associated with the botnet. The Ministry of Justice turned off the IPStorm infrastructure, but did not remove malware from infected devices — such an action by the FBI in previous botnet dismantling operations caused controversy.
The investigation was conducted by the FBI in Puerto Rico, the Dominican Republic and Spain in conjunction with local law enforcement agencies. Anomali Threat Research and Bitdefender also provided assistance in solving the case. The investigation was another example of successful cooperation between law enforcement agencies and the private cybersecurity sector in combating illegal activities and bringing those responsible to justice.
The botnet was first spotted by researchers in June 2019, primarily targeting Windows systems. It attracted the attention of specialists by using the IPFS protocol for communicating with infected systems and transmitting commands. It is noted that the number of infected systems has increased from about 3,000 in May 2019 to more than 13,500 by 2020.
The US Department of Justice announced that the botnet owner pleaded guilty on September 18 to three hacking charges, each of which carries a maximum penalty of 10 years in prison. According to the Justice Department, the defendant developed and distributed malware from June 2019 to December 2022, infecting thousands of Internet-connected devices around the world.
The main purpose of the botnet was to turn infected devices into proxy servers, which were accessed through the owner's own websites. Customers paid hundreds of dollars a month for access to managing infected devices. The criminal himself told the authorities that he earned at least $550,000 from his scheme and agreed to transfer all the earned cryptocurrency associated with the botnet. The Ministry of Justice turned off the IPStorm infrastructure, but did not remove malware from infected devices — such an action by the FBI in previous botnet dismantling operations caused controversy.
The investigation was conducted by the FBI in Puerto Rico, the Dominican Republic and Spain in conjunction with local law enforcement agencies. Anomali Threat Research and Bitdefender also provided assistance in solving the case. The investigation was another example of successful cooperation between law enforcement agencies and the private cybersecurity sector in combating illegal activities and bringing those responsible to justice.
