The US Department of Justice (DOJ) has arrested a Chinese national, Yunhe Wang, over his suspected involvement in the 130M botnet scam.
A 35-year-old national of the People’s Republic of China and citizen-by-investment of St. Kitts and Nevis, Yune Wang, was arrested by the U.S. Department of Justice (DOJ) on suspicion of involvement in a botnet scam “used to commit cyber attacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations.”
The indictment No. 29 of May, alleges that between 2014 and 202, Wang “created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide” via the 911 S5 botnet, which impacted more than 19 million IP addresses.
The defendant subsequently engaged in the sale of compromised IP addresses to cybercriminals in exchange for cryptocurrencies. These cybercriminals targeted victims in over 200 countries and orchestrated a multitude of computer-enabled offenses, such as identity theft, financial fraud, and child exploitation.
Wang-affiliated wallet addresses collectively contained over $130 million in illicit commission-profitable digital assets, according to a separate analysis by the blockchain analytics firm Chainlysis. Scientists from Chainalysis composed:
“The 911 S5 botnet was able to provide these services by distributing deceptive free VPN services to victims, which purported to give users enhanced privacy while browsing the web. In reality, 911 S5 used backdoors in its code to illegally hijack the IP addresses of millions of victims around the world. This enabled the 911 S5 administrators to make millions of dollars per year with a subscription-based service allowing cybercriminals to use victims’ IP addresses.”
In the interim, DOJ law enforcement officials added:
“911 S5 customers allegedly targeted certain pandemic relief programs. For example, the United States estimates that 560,000 fraudulent unemployment insurance claims originated from compromised IP addresses, resulting in a confirmed fraudulent loss exceeding $5.9 billion.”
Law enforcement officials from the United States, Singapore, Thailand, and Germany worked in concert to seize 23 domains across 70 servers that constituted the backbone of Wang’s operations. Additionally, police claim to have seized $30 million in assets associated with 911 S5.
A report surfaced last month suggesting that via application-specific integrated circuit mining devices manufactured domestically, China may have planted a Trojan Horse in the Bitcoin mining infrastructure of the United States.
According to an authority, the rigs facilitate cyber espionage by Chinese intelligence agencies, which may target sensitive military installations, power systems, or communication networks.
