In a shocking turn of events, the Department of Justice recently disclosed the shutdown of a massive malware network responsible for the theft of $5.9 billion in Covid relief funds. The culprit behind this nefarious operation is a 35-year-old Chinese national, YunHe Wang, who was arrested on charges of orchestrating the creation of a “botnet.” This sophisticated malware allowed criminals to remotely control a network of compromised devices for cyberattacks.
Spanning from 2014 to 2022, Wang operated the botnet, known as “911 S5,” through approximately 150 servers worldwide, including some in the U.S. The reach of the botnet was extensive, with over 19 million IP addresses compromised in nearly 200 countries. Of these, 614,000 were located in the United States. The FBI has released guidelines for individuals to check if their devices were affected by the 911 S5 attack and how to eliminate the malware.
Wang’s illicit activities did not stop at cybercrime. He allegedly sold access to the compromised IP addresses to other cybercriminals, amassing a staggering $99 million in the process. The funds were used to acquire luxury cars, watches, and properties globally. The botnet was also utilized for various crimes such as fraud, stalking, harassment, and illegal export of goods. One of the most alarming revelations was the targeting of Covid relief programs, resulting in the filing of approximately 560,000 false unemployment insurance claims and the subsequent theft of $5.9 billion.
The arrest of Wang marks a significant milestone in the battle against cybercrime. The Department of Justice collaborated with the FBI and international law enforcement agencies to dismantle the botnet and apprehend Wang. In addition to facing sanctions from the Treasury Department, Wang is potentially looking at a maximum prison sentence of 65 years with four criminal counts against him. These charges include conspiracy to commit computer fraud, substantive computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering.
As cybersecurity threats become increasingly sophisticated, law enforcement agencies in the U.S. are striving to update their protocols effectively. Of particular concern are China-backed hackers seeking to undermine American infrastructure. The dismantling of the Chinese “Volt Typhoon” hacking group, which targeted critical sectors like water plants and electric grids, is a testament to the ongoing battle against cyber threats. FBI Director Christopher Wray emphasized the immediate need to address these challenges, highlighting the constant attacks on economic security and theft of innovation and personal data.
The exposure and shutdown of the 911 S5 botnet serve as a stark reminder of the pervasive nature of cybercrime and the proactive measures required to combat it effectively. The case of YunHe Wang underscores the importance of international cooperation in tackling global cybersecurity threats and the ongoing efforts to safeguard critical infrastructure from malicious actors.
Leave a Reply