IPStorm botnet with 23,000 proxies for malicious traffic dismantled

November 14, 2023 at 07:10PM

The U.S. Department of Justice has announced the takedown of a botnet proxy service called IPStorm. The service allowed cybercriminals to run malicious traffic anonymously through various devices worldwide. A Russian-Moldovan national named Sergei Makinin pleaded guilty to computer fraud charges in connection with the case. Makinin profited from selling the proxy services and will face a maximum penalty of 10 years in prison. Law enforcement agencies from various countries were involved in the investigation. Technical details about IPStorm can be found in a report by Intezer.

Key Takeaways from Meeting Notes:

1. The U.S. Department of Justice (DoJ) announced the takedown of the IPStorm botnet proxy service.
2. IPStorm allowed cybercriminals to conduct malicious activities through various devices worldwide.
3. Sergei Makinin, a Russian-Moldovan national, pleaded guilty to computer fraud charges related to IPStorm.
4. Victims of IPStorm unknowingly facilitated cybercrime and experienced hijacked network bandwidth.
5. Makinin operated the proxying service through the websites ‘proxx.io’ and ‘proxx.net’ and offered over 23,000 anonymous proxies.
6. Makinin admitted to earning at least $550,000 in profits from the proxy services and will forfeit cryptocurrency wallets containing the proceeds.
7. The law enforcement operation did not extend to victim computers.
8. IPStorm has evolved since 2019, starting as Windows-targeting malware and later targeting Linux and Android-based IoT devices.
9. The malware used the InterPlanetary File System (IPFS) and had features like SSH brute-forcing and antivirus evasion.
10. The IPStorm network allowed cybercriminals to route their traffic and maintain anonymity, with access priced at hundreds of dollars per month.
11. Multiple law enforcement organizations, including the FBI and international agencies, were involved in the investigation.
