An international law enforcement operation led by the U.S. Justice Department has disrupted a botnet used to commit cyberattacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations.
At least 560,000 fraudulent U.S. unemployment insurance claims originated from compromised IP addresses, resulting in a loss exceeding $5.9 billion.
Authorities arrested YunHe Wang, 35, a national of the People's Republic of China and a citizen-by-investment of St. Kitts and Nevis, on May 24 for deploying malware through his residential proxy service known as "911 S5."
The DOJ stated that Wang propagated his malware through Virtual Private Network (VPN) programs, such as MaskVPN and DewVPN, and pay-per-install services that bundled his malware with pirated versions of licensed software or copyrighted materials.
He managed 150 servers worldwide, 76 of which he leased from U.S.-based online service providers, and provided customers with access to proxied IP addresses.
At least 560,000 fraudulent U.S. unemployment insurance claims originated from compromised IP addresses, resulting in a loss exceeding $5.9 billion. More than 47,000 Economic Injury Disaster Loan (EIDL) applications originated from IP addresses compromised by 911 S5.
Late last month, the Treasury Department’s Office of Foreign Assets Control (OFAC) issued financial sanctions against Wang, Jingping Liu, and Yanni Zheng for their 911 S5 activities and three entities for being owned or controlled by Wang.
From 2018 until July 2022, Wang received $99 million from his sales of the hijacked proxied IP addresses and used the proceeds to purchase real property in the U.S., St. Kitts and Nevis, China, Singapore, Thailand, and the United Arab Emirates.
The indictment identifies dozens of assets and properties subject to forfeiture, including a 2022 Ferrari F8 Spider S-A, a BMW i8, a BMW X7 M50d, a Rolls Royce, more than a dozen domestic and international bank accounts, over two dozen cryptocurrency wallets, luxury wristwatches, 21 residential or investment properties in Thailand, Singapore, UAE, St. Kitts and Nevis, and the U.S., and 20 domains.
This operation was a coordinated multi-agency effort led by law enforcement in the U.S., Singapore, Thailand, and Germany. Agents searched residences, seized assets valued at $30 million, and identified additional forfeitable property valued at $30 million.
Comments