US catches Chinese man allegedly behind ‘world’s largest botnet’
The United States caught the suspected mastermind of the world’s largest botnet. On May 24, 2024, US authorities arrested Yunhe Wang, the alleged leader of the 911 S5 botnet.
The Department of Justice said this network of unsuspecting devices facilitated various cybercrimes, such as fraud and child exploitation.
READ: OpenAI says it stopped AI influence operations
Article continues after this advertisementThe DOJ says Wang generated $99 million from his scheme. His scheme spanned IP addresses across 190 countries and operated for eight years.
What is a botnet?
Understanding what a botnet is is important before delving into the world’s largest one. Cybersecurity solutions firm Kaspersky defines the word “botnet” as a portmanteau of the words “robot” and “network.”
It is a “network of hijacked computer devices used to carry out various scams and cyberattacks.” In other words, botnets infiltrate computers, take over, and turn those compromised devices into a network for various online schemes.
Article continues after this advertisementThe cybersecurity company says they follow these basic stages:
- Prep and Expose: A hacker or a group exploits a vulnerability to expose users to malware.
- Infect: Hackers infect user devices with malware to take control.
- Activate: Hackers mobilize infected devices to carry out attacks.
Online criminals use a bot herder in the Activate Stage. It is a program that uses command programming to operate the network of infected computers for various schemes:
- Stealing money from online accounts
- Accessing confidential accounts
- Sabotaging websites and services
- Mining cryptocurrencies
- Providing information to other cybercriminals
How did the 911 S5 botnet get caught?
911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International Operation
— U.S. Department of Justice (@TheJusticeDept) May 29, 2024
Botnet Infected Over 19M IP Addresses to Enable Billions of Dollars in Pandemic and Unemployment Fraud, and Access to Child Exploitation Materials
🔗: https://t.co/sEdzhDoHfl pic.twitter.com/R5UBMsOX6n
Matthew Axelrod, the Assistant Secretary for Export Enforcement at the U.S. Department of Commerce’s Bureau of Industry and Security, explained how 911 S5 worked:
“The conduct alleged here reads like it’s ripped from a screenplay,” he said in a report from UK-based news firm The Independent.
“A scheme to sell access to millions of malware-infected computers worldwide, enabling criminals all over the world to steal billions of dollars, transmit bomb threats, and exchange child exploitation materials – then using the scheme’s nearly $100 million in profits to buy luxury cars, watches, and real estate.”
Yunhe Wang allegedly sold access to his network of compromised computers to criminals. Then, these people used it to bypass fraud detection systems to steal billions of dollars from financial institutions.
“What they don’t show in the movies though is the painstaking work it takes by domestic and international law enforcement, working closely with industry partners, to take down such a brazen scheme and make an arrest like this happen,” Axelrod added.
US Attorney General Merrick Garland explained law enforcement agencies worldwide collaborated to identify, locate, and apprehend Wang. The Independent says he faces a maximum penalty of 65 years in prison if convicted.
