
911 S5 botnet: One of the largest botnets taken down in the US

The U.S. Department of Justice (DOJ) announced the dismantling of one of the world’s largest botnets, the 911 S5 botnet, marking a significant breakthrough in cybersecurity.

The U.S. Department of Justice said the digital conspiracy was a hotbed for fraudulent activity, child exploitation, cyberattacks and bomb threats.

Wang Yunhe, a citizen of the People’s Republic of China and a citizen by investment of Saint Kitts and Nevis, was arrested as the mastermind of the operation.

Justice Department cracks down on botnets

Following the court-authorized international law enforcement operation, Wang was accused of creating, operating and maintaining an illegal residential proxy service that came to be known as “911 S5.”

The indictment, released on May 24, shows that Wang and his accomplices’ activities spanned from 2014 to July 2022. During this period, Wang and his accomplices allegedly hacked into millions of Windows computers by deploying malware.

This included 19 million unique IP addresses, of which 613,841 were located in the U.S. Once the computers were compromised by the malware, Wang and his gang allegedly sold the information about the compromised IP addresses to the highest bidder.

“As a result of this operation, Yunhe Wang was arrested on charges of creating and operating a botnet and deploying malware,” Attorney General Merrick B. Garland said of the crackdown. “This case shows that the long arm of the law can reach across borders and into the deepest reaches of the dark web, and the Department of Justice will never stop holding cybercriminals accountable.”

Pirated versions of seemingly legitimate software were used as proxy entry points. Wang and his team used a virtual private network (VPN) program to smuggle the malware in, bundling it with other program files.

Once the malware was deployed, Wang operated 150 servers around the world, 76 of which were tagged and rented from suppliers in the U.S. Through this network of digital corruption, Wang could give paying customers access to stolen IPs and their data.

Using illegal IPs to commit large-scale cybercrime

These IPs were used for a multitude of illegal activities, including child exploitation, bomb threats, and large-scale fraud. Criminals used the IPs to mask their point of origin and location, leaving law enforcement with a smoke-and-mirrors trail that includes billions of dollars in fraud from financial institutions, lenders, and the federal loan system.

According to US sources, IPs purchased through 911 S5 generated 560,000 false unemployment insurance claims. The total amount obtained from epidemic relief funds through these illegal IPs was as high as $5.9 billion.

Additionally, Wang received $99 million and went on to purchase real estate in the United States, St. Kitts and Nevis, China, Singapore, Thailand and the United Arab Emirates, according to the unsealed indictment.

The Chinese national faces a possible sentence of 65 years in prison for computer fraud, substantive computer fraud, wire fraud and money laundering.

“As alleged in the indictment, Wang created malware that infected millions of home computers around the world and then sold access to the infected computers to cybercriminals,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division.

Image: Ideogram.
