This unusual Windows malware is controlled via a P2P network

A new malware campaign aimed at Windows machines features a novel technique for controlling the resulting botnet: the group behind it hides its communications in a P2P network. It's not known who the author of IPStorm is or where they are operating from, but the malware has "reverse shell" functionality that can allow hackers to execute arbitrary PowerShell code on the infected machine.

What's interesting about the malware, according to researchers at cyber security firm Anomali, is that it is the first malware found in the wild that uses IPFS' P2P network for its command and control communication. By using a legitimate P2P network, the malware can hide its network traffic among legitimate P2P network traffic.

IPStorm is written in the Go programming language. It's still uncertain how it begins its initial infections, but the size of the malware package means the code is split into multiple parts. In their analysis of the malware, the researchers note that while IPStorm is only targeting Windows systems for now, metadata in the malware samples suggests the attackers are potentially in the process of compiling it to infect other operating systems.
