IPStorm Takedown: Russian Mastermind Pleads Guilty
On Tuesday, November 14th, 2023, the United States (US) government initiated the IPStorm takedown, and the Russian mastermind pled guilty to being the brains behind the operation. The IPStorm malware network was taken down after the botnet had infected Windows systems and other electronic devices worldwide.
In this article, we’ll shed light on why this event is making headlines in cybercrime takedown news as one of the best law enforcement success stories in recent times.
IPStorm Takedown: Russian Mastermind Behind Bars?
The US Department of Justice (DOJ), in a recent press release, has stated that “Sergei Makinin, a Russian and Moldovan national, pled guilty to three counts of violating 18 U.S.C. § 1030(a)(5)(A), knowingly causing the transmission of a program that intentionally caused damage without authorization to protected computers. Each count of conviction carries a statutory maximum of ten years in prison.”
This is one of the most severe international cybercrime operations, as the attack infiltrated thousands of internet-connected devices from June 2019 to December 2022. The Russian hacker has pleaded guilty, as the Department of Justice's statement confirms, and now faces a potential maximum sentence of 30 years in prison.
IPStorm Botnet Dismantled
After receiving the Moldovan and Russian cybercriminal's guilty plea, the IPStorm botnet proxy network and all its related infrastructure were dismantled. It was uncovered that the botnet had initially infected Windows systems but later expanded and infiltrated Linux, Android, and Mac devices.
The Golang-based botnet malware, developed and deployed by Sergei Makinin, turned infected devices into proxies as part of a for-profit scheme. The proxies were then offered to other customers via proxx[.]io and proxx[.]net. The botnet was first documented in May 2019 and has continued to broaden its focus.
Later, in 2020, the IPStorm botnet was seen abusing a legitimate peer-to-peer (P2P) network called InterPlanetary File System (IPFS) for distributing malware traffic. This allowed threat actors to purchase illegitimate access to more than 23,000 bots to hide their malicious activities.
Alexandru Catalin Cosoi, a senior professional from Bitdefender, has stated the botnet was used to power various cybercriminal activities, given that it could be used as a proxy over infected IoT botnets. Given the use of IoT botnets for criminal activities, global cybersecurity collaboration is now essential.
Cybercriminal Arrest And Conviction
As per recent reports, the Russian mastermind is estimated to have collected $550,000 from the scheme. Reports have also mentioned that the cybercriminal is expected to relinquish cryptocurrency wallets related to the offense.
Cosoi, commenting on the offense, has stated, “This investigation is another primary example of law enforcement and the private cybersecurity sector working together to shut down illegal online activities and bring those responsible to justice.”
It’s worth mentioning that the US government is actively involved in cybercrime crackdowns. An example of this is the operation that took place in September 2023 to neutralize the Qakbot threat.
The US government has recently taken down the IPStorm botnet, which had infiltrated countless internet-connected devices since June 2019. The Moldovan and Russian mastermind behind the entire operation now faces 30 years in prison. Given the rise and severity of online criminal activities, organizations worldwide must implement critical cybersecurity measures for increased safety and protection.