Yesterday theFBI announced the dismantling of the network behind the fearsome malware IPStorm. The malicious agent in question was known for its high degree of adaptability, being active on devices Windows, Mac, Linux e Android.
According to what was reported by Department of Justice American, the operation would also have led to the arrest of the malware developer, i.e Sergei Makinin. He himself admitted to having obtained access to 23.000 proxymaking money at least $550,000 from his activity.
Thanks to the Russian-Moldavian’s confession, it was possible to reconstruct his actions. IPStorm was active from 2019 to 2022, through the creation of a botnet in his support. The malware was first detected in 2020, when it had already infected more than 13,000 devices and had been involved in several frauds on the gaming platform Steam.
The cybercriminal behind IPStorm earned $550,000 from his business
According to the Department of Justice, the cybercriminal’s primary goal was to sell access to IPStorm-infected systems through two websites.
The institution’s note reads as “Through these websites, Makinin sold illegitimate access to infected and controlled devices to customers seeking to hide their Internet activities“. The documentation also explains how “A single customer could pay hundreds of dollars a month to route traffic through thousands of infected computers“.
US investigators had been on Makinin’s trail for about a year and, due to his illicit activities, the cybercriminal risks up to 30 years in prison.
Compared to the dismantling operation of Qakbot only partial, the FBI’s intervention in this context should have definitively closed down the activities related to IPStorm.