FBI Dismantled IPStorm and Botnet Infrastructure 

The FBI has achieved a remarkable feat in the fight against cybercrime, dismantling the infamous IPStorm botnet network that infected tens of thousands of devices across various platforms worldwide. 

The brains behind this criminal operation, Sergei Makinin, a dual citizen of Russia and Moldova, has confessed to three counts of violating cybersecurity laws.

The IPStorm Malware Operation

The FBI’s cyber experts uncovered the details of the IPStorm malware, which initially targeted Windows systems but quickly expanded its scope, compromising Linux, Mac, and Android devices as well. 

The malware turned the infected devices into proxies, which were then sold illegally on websites proxx.io and proxx.net. 

Customers who wanted to hide their online activities paid hefty amounts, with Makinin reportedly earning over $550,000 through this scheme.

The court documents revealed Makinin’s cyber terror campaign, which lasted from June 2019 to December 2022. 

During this time, he created and distributed malicious software, infecting devices worldwide, including in Puerto Rico. 

The FBI’s investigation exposed the vast network of compromised devices controlled by Makinin, forming a powerful botnet.

Makinin’s guilty plea, which includes charges under 18 U.S.C. § 1030(a)(5)(A), marks a significant step toward justice in the field of cybersecurity.

Document
Protect Your Storage With SafeGuard

Is Your Storage & Backup Systems Fully Protected? – Watch 40-second Tour of SafeGuard

StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.

Each count he faces carries a maximum sentence of ten years in prison, with the final verdict to be decided by a federal district court judge. 

The plea deal also involves forfeiting cryptocurrency wallets associated with the illegal operation.

The Global Impact of the FBI’s Actions

U.S. Attorney Stephen Muldrow emphasized the global impact of the FBI’s actions, stating, “This investigation shows that we will use every lawful tool at our disposal to disrupt cybercriminals, regardless of their location.” 

Special Agent Joseph González added, “The FBI’s cyber mission has been to impose risk and consequences on our adversaries, ensuring cyberspace is no safe space for criminal activity.”

The dismantlement operation focused on neutralizing the botnet’s infrastructure, highlighting the importance of regular security updates and patches for computer users. 

The FBI acknowledged the collaboration with international partners, including the Spanish National Police-Cyber Attack Group and the Dominican National Police, demonstrating the global effort to combat cyber threats.

The Evolution of Cyber Threats

The IPStorm malware, written in Golang, showed a significant evolution in cyber threats, with the malware’s ability to target various platforms and architectures. 

Intezer’s research played a crucial role in aiding the FBI’s case, providing insights into the malware’s variants and capabilities.

658638c6bef52e03e6aea4b6c1b2b3b8d81ad40144b56b2122d96e6957c33117 sample undetected in VirusTotal
658638c6bef52e03e6aea4b6c1b2b3b8d81ad40144b56b2122d96e6957c33117 sample undetected in VirusTotal
Samples analyzed and classified by Intezer in the IPStorm malware family.
Samples analyzed and classified by Intezer in the IPStorm malware family.

This victory against the IPStorm botnet reflects the unwavering commitment of law enforcement to disrupt and bring to justice cyber criminals who exploit the digital landscape for illicit gains. 

Patch Manager Plus, the one-stop solution for automated updates of over 850 third-party applications: Try Free Trial.

Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.