The Downfall of IPStorm Botnet
Last Week, IPStorm Was Dismantled. A Look at the Damage
Overt Operator
November 18, 2023
The US Department of Justice (DoJ) announced the successful dismantling of the IPStorm botnet earlier this year. This major botnet, which comprised tens of thousands of infected devices, was used by cyber-criminals to launch anonymous attacks.
The infamous botnet was recorded in 2020 to have infected over 13,0500 machines across 84 countries in its nefarious run.
The alleged administrator of the botnet, Sergei Makinin, a Russian and Moldovan national, pleaded guilty to three counts of fraud and related activity in connection with computers.
Operating from June 2019 to December 2022, the IPStorm botnet converted compromised Windows, Linux, Mac, and Android devices from across the globe into proxies. These proxies were then made available for rent on Makinin's websites, proxx.io and proxx.net, allowing cyber-criminals to bypass security filters and anonymize their traffic.
According to the DoJ, cyber-criminals paid hundreds of dollars a month to route their traffic through the botnet. Makinin is said to have operated around 23,000 proxies as part of the botnet, earning at least $550,000 from the scheme.
Joseph González, the special agent in charge of the FBI's San Juan Field Office, acknowledged the prevalence of cyber-criminal activity conducted through digital means.
"Cyber-criminals seek to remain anonymous and derive a sense of security because they hide behind keyboards, often thousands of miles away from their victims." González said, as he was quoted by media. González emphasized the FBI's commitment to imposing risk and consequences on adversaries in cyberspace.
The successful dismantling of the IPStorm botnet is a testament to the FBI's efforts. By taking down this major infrastructure, the FBI aims to ensure that cyberspace is not a safe haven for criminal activity. This case demonstrates the agency's dedication to imposing consequences on cyber-criminals and protecting potential victims.
The FBI urged device owners to take proactive measures to protect themselves from being used as part of a botnet. Users are encouraged to keep their operating systems and software up to date, install reputable antivirus software, and exercise caution when clicking on suspicious links or downloading unknown files.
The successful takedown of the IPStorm botnet is a significant achievement in the ongoing fight against cyber-criminal activity. It serves as a reminder of the importance of cybersecurity measures and the need for continued collaboration between law enforcement agencies and technology users.