IPStorm.C is a Trojan horse infection that affects Mac computers. Initially created in 2019 to compromise the Windows operating system, it evolved in the summer of 2020 into a severe macOS threat that can also affect Android and Linux systems. An in-depth analysis of this malware, whose full name is InterPlanetary Storm, has shown that it is a very sophisticated threat with the technical ability to conduct a number of dangerous activities while ensuring its own persistence. Once IPStorm.C has infiltrated a computer, it gives the malware operators full control over the machine and lets them run various remote commands. The malicious activities made possible by this remote access include downloading and installing additional malicious scripts, as well as collecting and transferring sensitive data. IPStorm.C can also install crypto-mining apps, run DDoS attacks, open command prompts, and more.

This malware uses a legitimate peer-to-peer protocol related to the InterPlanetary File System (IPFS) to establish communication with the compromised systems and run its fraudulent processes. Exploiting a legitimate P2P network allows the IPStorm.C Trojan to fulfill its other main purpose: remaining hidden and operating in the background for as long as possible. After infiltration, IPStorm.C also checks for honeypot software to make sure it can proceed with its actions without being detected. Additionally, it can gain persistence by killing a list of processes that may reveal its presence.

Malware researchers have found that this Trojan spreads on Mac and Linux machines through dictionary attacks against network communication protocols, meaning that the hackers try to guess established usernames and passwords. Such an attack may begin after a compromised website has managed to drop a different piece of malware on a macOS device. This Mac threat can cause severe damage to the infected machine and its owner, and the removal process can be highly complicated. We recommend using an advanced security solution for the complete removal of IPStorm.C and all its hidden components from your device.

