According to the United States District office, Sergei Makinin, a Russian and Moldovan national, has admitted to running an illicit botnet proxy service known as IPStorm, which infected tens of thousands of internet-facing devices worldwide.
Makinin, known for operating the IPStorm botnet, used it to disseminate malware and to sell unauthorized access to the infected devices to customers who wanted to conceal their internet activities. The botnet, which infected various operating systems such as Linux, Mac, and Android, primarily targeted citizens in locations across Asia, Europe, North America, and South America.
Throughout the operation of this botnet, Makinin accumulated at least $550,000 from the scheme.
On September 18, 2023, he was found guilty on three counts of violating 18 U.S.C. § 1030(a)(5)(A), Fraud and Related Activity in Connection with Computers, and could face a maximum sentence of ten years in prison.
U.S. Attorney Stephen Muldrow stated:
“This investigation shows that we will use every lawful tool at our disposal to disrupt cybercriminals, regardless of their location.”
“This case serves as a warning that the reach of the law is long, and criminals anywhere who use computers to commit crimes may end up facing the consequences of their actions in places they did not anticipate.”
THE INVESTIGATIVE TEAM:
The investigation was led by the FBI San Juan Cyber Team, in cooperation with the FBI Legal Attaché office in Madrid, in coordination with the Spanish National Police-Cyber Attack Group; and the FBI Legal Attaché office in Santo Domingo, in coordination with the Dominican National Police-Interpol, the Dominican National Police-International Organized Crime Division, and the Ministry of the Interior and Police-Immigration Directorate.
Also, AUSA Jonathan Gottfried of the United States Attorney’s Office for the District of Puerto Rico and Senior Counsel Jane Lee and Jeff Pearlman of the Department of Justice’s Computer Crime and Intellectual Property Section prosecuted the case.
WHAT HAPPENED DURING THE OPERATION OF THE IPStorm Botnet:
- During the operation, Makinin controlled the botnet from a C2 server using the domain names proxx[.]io and proxx[.]net, which contained a list of devices infected by the botnet.
- Over 23,000 devices, including Windows, Linux, Mac, and Android devices, were infected.
- From 2019 through December 2023, Makinin deployed malicious software applications to hack thousands of internet-facing devices worldwide, including in Puerto Rico.
The FBI emphasized the importance of keeping computers updated with the latest security patches and operating systems to prevent similar cybercrimes.
Fixitgearware Security strongly advises internet users to be law-abiding citizens and refrain from using computer devices to conduct nefarious activities. If they are smart enough, they should use their devices for performing good deeds, to protect and keep the cyberworld safe.