Bitdefender researchers have found clues that the Interplanetary Storm Golang botnet could be used as highly anonymous proxy-network-as-a-service and potentially rented using a subscription-based model.
While the botnet has been under previous scrutiny from Bitdefender researchers, constant monitoring of the development lifecycle of Interplanetary Storm has revealed that threat actors are both proficient in using Golang and development best practices, and well-versed at concealment of management nodes.
While previous research from security researchers has focused on analyzing some of the capabilities of the malware and its network traffic, Bitdefender researchers have provided the full picture as well as focused on finding leads regarding the malware developers’ identity and the potential purpose of the infrastructure.