In a significant victory against cybercrime, an international law enforcement operation has successfully dismantled the 911 S5 botnet, which was responsible for infecting over 19 million IP addresses worldwide.
The operation culminated in the arrest of YunHe Wang, the botnet's alleged administrator, marking a substantial step forward in the fight against cybercriminal activities.
YunHe Wang, a 35-year-old national of China and citizen-by-investment of St. Kitts and Nevis, was apprehended on May 24 on multiple criminal charges, including conspiracy to commit computer fraud, wire fraud, and money laundering. The arrest was the result of a coordinated international effort led by the U.S. Justice Department, with significant contributions from law enforcement agencies in Singapore, Thailand, and Germany.
911 S5 spread via VPNs
From 2014 to July 2022, Wang and his associates allegedly created and disseminated malware to build a vast network of compromised residential Windows computers. This botnet linked over 19 million unique IP addresses across nearly 200 countries, including 613,841 IP addresses in the United States.
The malware was spread through VPN programs such as MaskVPN and DewVPN, as well as through pay-per-install services that bundled the malware with pirated software. Wang managed this extensive network using approximately 150 dedicated servers worldwide, 76 of which were leased from U.S. service providers.
The financial and criminal impact of the 911 S5 botnet was extensive. Wang's service allowed cybercriminals to access these infected IP addresses for a fee, generating nearly $99 million in illicit profits. The botnet facilitated a wide range of criminal activities, including financial fraud, identity theft, and child exploitation.
Cybercriminals used the proxied IP addresses to commit financial fraud, resulting in billions of dollars in losses to financial institutions and federal programs. During the COVID-19 pandemic, the botnet enabled over 560,000 fraudulent unemployment claims and more than 47,000 Economic Injury Disaster Loan applications, leading to significant fraudulent losses.
The botnet also had severe implications for public safety and security. It enabled child exploitation, harassment, bomb threats, and violations of export regulations. Wang's operation provided cybercriminals with the means to bypass financial fraud detection systems and commit a host of cybercrimes while concealing their true identities and locations.
In addition to Wang's arrest, authorities seized assets valued at approximately $30 million, including luxury vehicles such as a 2022 Ferrari F8 Spider S-A, a Rolls-Royce, and various other high-end items. They also confiscated dozens of bank accounts, cryptocurrency wallets, and real estate properties across multiple countries.