Malware Alert: IPStorm: another threat is looming on the horizon

As if there wasn’t enough to worry about, another threat is looming on the horizon: IPStorm (not to be confused with the European virus protection package announced on the internet).  It’s a newly discovered Trojan Horse virus, so cunningly crafted that nobody knows what it does.  So basically, what we have is the equivalent of a severe weather alert, but no thunder and lightning.  Yet.  Hold on to your hats, make sure you apply the tips listed below, and make sure you stay tuned to the CrafTech blogs, because we’re on top of it!

IPStorm is malware, and quite sophisticated malware that has just about every base covered.  It was first identified this June by the cybersecurity firm Anomali.  Its creators, who remain unknown, have told us its name, but have made no other information available.  Like 40% of internet activity, it depends on bots (software applications that run automated tasks).  Its bots are linked to a botnet, a group of Internet-connected devices that can each run one or more bots, usually for illegal purposes.  IPStorm’s deadliness is potentially multi-level.  Most disturbingly, it attacks through the P2P network traffic of IPFS (the InterPlanetary File System, used for open-source file sharing) to hide its own malicious P2P involvement.  This is the very first malware that has been found to use that route, which is a significant indication of the programmers’ expertise.  Unfortunately, that entry point makes the virus all the stronger: the malicious traffic is hidden, blended right in with normal traffic.  It also makes removing the botnet difficult, because there is a risk that the legitimate IPFS network could be affected at the same time, and that’s a place no one wants to go.  Plus, this malware can circumvent antivirus tools, and it can put itself to sleep and use memory allocation to remain dormant until it wakes up.

But wait, there’s more.  Researchers haven’t even been able to figure out how IPStorm begins its infection cycle.  That’s because of the nature of its programming, where the malware package itself has been divided into many parts, again a very sophisticated and well-thought-out approach.  Of its use of the Go programming language, researchers explain, “By breaking functionality out into different Go packages, the codebase is easier to maintain.  Also, the threat actor can break out things into modules to make it easier to swap out or reuse functionality.”  IPStorm also has several antivirus-evasion techniques built into its configuration.  One of the most insidious is its use of folder names that relate to Microsoft or Adobe systems when it copies itself onto a target, meaning that even a tech-savvy and alert user might not notice it right away.
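The two traits described above, a Go codebase and Microsoft- or Adobe-themed install folders, can be combined into a simple triage sweep. The sketch below is an added example, not code from this post or from Anomali: it assumes Windows (PE) executables, looks for the build markers that the Go toolchain embeds in its binaries, and treats every hit as a lead for closer inspection rather than a verdict.

```python
"""Triage sketch: Go-built PE files sitting under Microsoft/Adobe-named folders."""
from pathlib import Path

# Vendor names the post says the malware borrows for its install folder.
VENDOR_NAMES = ("microsoft", "adobe")
# Markers the Go toolchain embeds in binaries it builds.
GO_MARKERS = (b"\xff Go build ID: \"", b"\xff Go buildinf:")
CHUNK = 1 << 20  # read 1 MiB at a time


def is_pe(path):
    """True if the file starts with the 'MZ' DOS/PE signature."""
    with path.open("rb") as fh:
        return fh.read(2) == b"MZ"


def has_go_marker(path):
    """Stream the file and look for a Go marker, keeping an overlap
    between chunks so a marker split across a boundary is still found."""
    overlap = max(len(m) for m in GO_MARKERS) - 1
    tail = b""
    with path.open("rb") as fh:
        while chunk := fh.read(CHUNK):
            window = tail + chunk
            if any(m in window for m in GO_MARKERS):
                return True
            tail = window[-overlap:]
    return False


def vendor_named(path, root):
    """True if any folder between root and the file names a vendor."""
    folders = path.relative_to(root).parts[:-1]
    return any(v in f.lower() for f in folders for v in VENDOR_NAMES)


def triage(root):
    """Return Go-built PE files found under vendor-named folders below root."""
    hits = []
    for path in Path(root).rglob("*"):
        try:
            if (path.is_file() and vendor_named(path, root)
                    and is_pe(path) and has_go_marker(path)):
                hits.append(path)
        except OSError:
            continue  # unreadable or locked file: skip it, keep sweeping
    return sorted(hits)
```

Point `triage()` at a user-writable location such as a profile's application-data folder and follow up on each hit with a signature and publisher check.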

There are some measures you can take to protect yourself while awaiting developments, ones that should be in place in any healthy network environment:

  • Enforce a strong password policy.
  • Disable AutoPlay.
  • Turn off unnecessary file-sharing.
  • Remove unnecessary services.
  • Train employees not to open unexpected attachments.
  • Turn off Bluetooth if you don’t need it for mobile devices.

As of right now, the IPStorm botnet seems to be limited to about 3,000 machines, a surprisingly small number that gives experts every reason to believe that the virus is in a very early stage of development, which means that the worst is yet to come.  But be assured that CrafTech has this storm on our radar!

Written by: Susan Palmer
