views
An international law enforcement team has arrested a Chinese national and disrupted a major botnet that officials said he ran for nearly a decade, amassing at least $99 million in profits by reselling access to criminals who used it for identity theft, child exploitation, and financial fraud, including pandemic relief scams.
911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International OperationBotnet Infected Over 19M IP Addresses to Enable Billions of Dollars in Pandemic and Unemployment Fraud, and Access to Child Exploitation Materials
: https://t.co/sEdzhDoHfl pic.twitter.com/R5UBMsOX6n
— U.S. Department of Justice (@TheJusticeDept) May 29, 2024
The US Department of Justice quoted FBI Director Christopher Wray as saying Wednesday that the “911 S5” botnet — a network of malware-infected computers in nearly 200 countries — was likely the world’s largest.
Justice said in a news release that Yunhe Wang, 35, was arrested May 24. Wang was arrested in Singapore, and search warrants were executed there and in Thailand, the FBI’s deputy assistant director for cyber operations, Brett Leatherman, said in a LinkedIn post. Authorities also seized $29 million in cryptocurrency, Leatherman said.
Cybercriminals used Wang’s network of zombie residential computers to steal “billions of dollars from financial institutions, credit card issuers and accountholders, and federal lending programs since 2014,” according to an indictment filed in Texas’ eastern district.
The administrator, Wang, sold access to the 19 million Windows computers he hijacked — more than 613,000 in the United States — to criminals who “used that access to commit a staggering array of crimes that victimized children, threatened people’s safety and defrauded financial institutions and federal lending programs,” US Attorney General Merrick Garland said in announcing the takedown.
He said criminals who purchased access to the zombie network from Wang were responsible for more than $5.9 billion in estimated losses due to fraud against relief programs. Officials estimated 560,000 fraudulent unemployment insurance claims originated from compromised IP addresses.
Wang allegedly managed the botnet through 150 dedicated servers, half of them leased from US-based online service providers.
The indictment says Wang used his illicit gains to purchase 21 properties in the United States, China, Singapore, Thailand, the United Arab Emirates and St. Kitts and Nevis, where it said he obtained citizenship through investment.
In its news release, the Justice Department thanked police and other authorities in Singapore and Thailand for their assistance.
Comments
0 comment