In a case described by a Commerce Department official as something "ripped from a screenplay," 35-year-old Chinese national YunHe Wang has been accused of operating an international botnet.
This network allegedly infected over 19 million IP addresses globally, used VPN programs to distribute malware and facilitated a wide range of cybercrimes.
How the Botnet Operated
Wang reportedly used VPN services like MaskVPN and DewVPN to spread malware, which then took control of millions of computers worldwide.
According to the Department of Justice (DOJ), he managed the botnet 911 S5 and sold access to these compromised IP addresses, which allowed his customers to conduct illegal activities anonymously.
The Crimes Facilitated by the Botnet
The 911 S5 botnet was a hub for various cybercrimes, including large-scale fraud, child exploitation, harassment, bomb threats, and export violations.
(Photo : Fahim Reza from Unsplash)
Attorney General Merrick Garland stated that the US collaborated with international partners to dismantle this extensive operation.
FBI Director Christopher Wray added that the botnet had infected computers in nearly 200 countries.
Related Article: SOHO Router-Targeting Botnet AVrecon Infiltrates More Than 70,000 Devices in 20 Countries: How Dangerous Is This Malware Strain?
Criminal Activities Involving Botnet Hackers
Matthew S. Axelrod, the assistant secretary for export enforcement at the Commerce Department Bureau of Industry and Security, emphasized the botnet's severe impact.
He revealed that the scheme enabled criminals to steal billions of dollars, send bomb threats, and distribute child exploitation materials. The profits, estimated at $100 million, were allegedly used to purchase luxury cars, watches, and real estate.
Duration and Scope of the Scheme
The DOJ alleges that the botnet was active from 2014 until July 2022. During this period, compromised computers were used to carry out numerous crimes, including defrauding pandemic relief programs.
According to The Verge, it is estimated that 560,000 fraudulent insurance claims originated from these compromised IP addresses, resulting in over $5.9 billion in fraudulent losses.
Sanctions and Legal Consequences
On Tuesday, May 28, the Treasury Department announced sanctions against Wang and two other Chinese nationals linked to the botnet. According to TechSpot, the other two suspects are Yanni Zheng and Jingping Liu.
These sanctions prohibit any transactions with them or their associated organizations.
If convicted on all counts, including substantive computer fraud and conspiracy to commit money laundering, Wang faces up to 65 years in prison.
While the authorities have seized the masterminds behind the botnet operation, the scammers behind the Google search scam remain unknown.
According to Tech Times, attackers trick their victims into clicking deceptive ads on popular search engines. When they click these ads, they are directed to a malicious website that can steal their hard-earned money and sensitive information.
Fortunately, there are ways to safeguard yourself from this new scheme. These include running trusted antivirus software and bookmarking trusted websites so you can double-check legitimate websites from counterfeit ones.
Read Also: South Korea Warns Residents About Dangerous North Korean Balloons
