Author Topic: New Malware Lays P2P Network on Top of IPFS’  (Read 60 times)

Offline Antus67

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 3986
    • View Profile
New Malware Lays P2P Network on Top of IPFS’
« on: June 14, 2019, 03:17:11 am »
Author: Ionut Arghire on June 13, 2019

A newly discovered piece of malware uses a peer-to-peer (p2p) network on top of InterPlanetary File System’s (IPFS) p2p network, Anomali’s security researchers report.

Discovered in May 2019 and dubbed IPStorm, the malware is written in the Go (Golang) programming language and targets Windows machines. Once it has infected a system, the malicious program allows its operator to execute arbitrary PowerShell code.

The use of a p2p network for communication ensures not only that the generated traffic blends into the legitimate traffic, but also that the infected machines don’t need to maintain a constant connection to the command and control (C&C) server.

Being connected directly to each other via a p2p network, the machines form a p2p botnet, where commands propagate from one bot to another. A p2p botnet is more difficult to implement, as the attacker needs to ensure bots can communicate with each other at all times, even when behind a NAT, but are more difficult to detect, especially with the increased use of p2p in corporate environments.

full article here:
Windows Defender
VoodooShield 5.01
Trojan Remover