911 S5 Botnet with 19 Million IP Addresses Dismantled & Admin Arrested
The U.S. Department of Justice (DOJ) announced the dismantling of the 911 S5 botnet, a vast network of compromised computers used for various illegal activities.
The operation, carried out in cooperation with international law enforcement agencies, resulted in the arrest of YunHe Wang, a 35-year-old Chinese national, who is suspected to be the mastermind behind the botnet.
The 911 S5 botnet, described by FBI Director Christopher Wray as “likely the world’s largest botnet ever,” infected over 19 million Internet Protocol (IP) addresses across almost 200 countries. The botnet was operational from 2014 until its initial shutdown in July 2022, only to be resurrected later under the name “CloudRouter.”
Wang and his co-conspirators allegedly spread malware through various malicious Virtual Private Network (VPN) applications, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN.
These applications bundled proxy backdoors, which allowed the botnet to infect millions of residential Windows computers worldwide.
The compromised devices were then used to operate a residential proxy service, providing cybercriminals with access to proxied IP addresses for a fee.
The botnet facilitated a wide range of criminal activities, including cyberattacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations.
Notably, the botnet was used to submit tens of thousands of fraudulent applications for programs related to the Coronavirus Aid, Relief, and Economic Security (CARES) Act, resulting in billions of dollars stolen from financial institutions, credit card issuers, and federal lending programs.
The DOJ estimates that over $5.9 billion was stolen through fraudulent unemployment insurance claims and Economic Injury Disaster Loan (EIDL) applications.
The takedown of the 911 S5 botnet involved the seizure of 23 internet domains and more than 70 servers, which were integral to the botnet’s operation.
Authorities also seized approximately $29 million in cryptocurrency, luxury items valued at $4 million, and about $30 million in real estate. These assets were located in various countries, including Singapore, Thailand, and Dubai.
Additionally, dozens of Wang’s assets and properties, including luxury cars such as a Ferrari F8, several BMWs, and a Rolls Royce, are now subject to forfeiture.
Wang faces multiple charges, including conspiracy to commit computer fraud, substantive computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering.
He could face a maximum penalty of 65 years in prison if convicted on all counts. The DOJ is currently seeking Wang’s extradition from Singapore.
The operation, named Operation Tunnel Rat, underscores the importance of international collaboration in combating cybercrime.
The FBI, along with law enforcement partners from around the world, played a key role in dismantling the botnet’s infrastructure and apprehending Wang.
The DOJ has also set up a website where individuals can check if their IP address was among those compromised by the botnet, helping potential victims identify and mitigate any security issues stemming from the infection.
This takedown is part of the federal government’s ongoing efforts to combat global cybercrime, which has become increasingly sophisticated and widespread.
The DOJ has dismantled multiple botnets this year, including those linked to nation-state hacking activities, highlighting the persistent and evolving threat posed by cybercriminals.
Source credit : cybersecuritynews.com