International Botnet Scheme: Chinese National Charged in Global Cybercrime Network

Two more Chinese nationals are slapped with sanctions.

In a case described by a Commerce Department official as something "ripped from a screenplay," 35-year-old Chinese national YunHe Wang has been accused of operating an international botnet.

This network allegedly infected over 19 million IP addresses globally, used VPN programs to distribute malware and facilitated a wide range of cybercrimes.

How the Botnet Operated

Wang reportedly used VPN services like MaskVPN and DewVPN to spread malware, which then took control of millions of computers worldwide.

According to the Department of Justice (DOJ), he managed the 911 S5 botnet and sold access to the compromised IP addresses, which allowed his customers to conduct illegal activities anonymously.

The Crimes Facilitated by the Botnet

The 911 S5 botnet was a hub for various cybercrimes, including large-scale fraud, child exploitation, harassment, bomb threats, and export violations.

The US Department of Justice confirmed that the notorious 911 S5 Botnet operation had been seized, leading to the arrest of a Chinese national named YunHe Wang.

Attorney General Merrick Garland stated that the US collaborated with international partners to dismantle this extensive operation.

FBI Director Christopher Wray added that the botnet had infected computers in nearly 200 countries.

Criminal Activities Involving Botnet Hackers

Matthew S. Axelrod, the assistant secretary for export enforcement at the Commerce Department Bureau of Industry and Security, emphasized the botnet's severe impact.

He revealed that the scheme enabled criminals to steal billions of dollars, send bomb threats, and distribute child exploitation materials. The profits, estimated at $100 million, were allegedly used to purchase luxury cars, watches, and real estate.

Duration and Scope of the Scheme

The DOJ alleges that the botnet was active from 2014 until July 2022. During this period, compromised computers were used to carry out numerous crimes, including defrauding pandemic relief programs.

According to The Verge, it is estimated that 560,000 fraudulent insurance claims originated from these compromised IP addresses, resulting in over $5.9 billion in fraudulent losses.

Sanctions and Legal Consequences

On Tuesday, May 28, the Treasury Department announced sanctions against Wang and two other Chinese nationals linked to the botnet. According to TechSpot, the other two suspects are Yanni Zheng and Jingping Liu.

These sanctions prohibit any transactions with them or their associated organizations.

If convicted on all counts, including substantive computer fraud and conspiracy to commit money laundering, Wang faces up to 65 years in prison.

While the authorities have seized the masterminds behind the botnet operation, the scammers behind the Google search scam remain unknown.

According to Tech Times, attackers trick their victims into clicking deceptive ads on popular search engines. When they click these ads, they are directed to a malicious website that can steal their hard-earned money and sensitive information.

Fortunately, there are ways to safeguard yourself from this new scheme. These include running trusted antivirus software and bookmarking trusted websites so you can tell legitimate websites from counterfeit ones.

Joseph Henry
Tech Times
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.