Quote:A new variant of the InterPlanetary Storm malware has been discovered, which comes with fresh detection-evasion tactics and now targets Mac and Android devices (in addition to Windows and Linux, which were targeted by previous variants of the malware).
Researchers say, the malware is building a botnet with a current estimated 13,500 infected machines across 84 countries worldwide – and that number continues to grow. Half of the infected machines are in Hong Kong, South Korea and Taiwan. Other infected systems are in Russia, Brazil, the U.S., Sweden and China.
“While the botnet that this malware is building does not have clear functionality yet, it gives the campaign operators a backdoor into the infected devices so they can later be used for cryptomining, DDoS, or other large-scale attacks,” said researchers with Barracuda in a Thursday analysis.
The first variant of InterPlanetary Storm was discovered in May 2019 and targeted Windows machines. In June, a variant targeting Linux machines was also reported targeting IoT devices, such as TVs that run on Android operating systems, and Linux-based machines, such as routers with ill-configured SSH service.
The botnet, which is written in Go, uses the Go implementation of libp2p, which is a network framework that allows users to write decentralized peer-to-peer (P2P) applications. This framework was originally the networking protocol of InterPlanetary File System (IPFS), on which researchers based the malware’s name.
“The malware is called InterPlanetary Storm because it uses the InterPlanetary File System (IPFS) p2p network and its underlying libp2p implementation,” said researchers. “This allows infected nodes to communicate with each other directly or through other nodes (i.e. relays).”
Read more: https://threatpost.com/botnet-mac-android/159714/
![[-]](https://www.geeks.fyi/images/collapse.png)
