DOJ charges Chinese national in $5.9 billion Covid ‘botnet’ fraud



A global malware network responsible for the theft of $5.9 billion in Covid relief funds and linked to other crimes such as child exploitation and bomb threats has been shut down, Justice Department officials announced Wednesday.

The Justice Department arrested 35-year-old YunHe Wang, a Chinese citizen who was accused of creating the “botnet,” a type of malware that connects a network of hacked devices that criminals can then remotely use to launch cyberattacks.

Christopher Wray, director of the Federal Bureau of Investigation, said it was “probably the world’s largest botnet ever.”

According to the indictment, from 2014 to 2022, Wang launched and operated the botnet called “911 S5” from around 150 servers worldwide, including some in the United States. The botnet hacked into over 19 million IP addresses in nearly 200 countries, the Justice Department’s announcement said. According to the indictment, approximately 614,000 IP addresses were located in the United States.

The FBI has released guidance to help users determine whether their devices were the target of a 911 S5 attack and, if so, how to remove the malware.

Wang allegedly sold access to the compromised IP addresses to cybercriminals and amassed at least $99 million, which he used to buy luxury cars, watches and real estate around the world, the Justice Department statement said.

The 911 S5 botnet has also been used for fraud, stalking, harassment, illegal export of goods and other crimes, the Justice Department said. Specifically, the botnet targeted Covid relief programs and submitted an estimated 560,000 false unemployment insurance claims, stealing $5.9 billion.

“The conduct alleged here reads as if it were taken from a script,” said Matthew S. Axelrod, assistant secretary for export control at the U.S. Department of Commerce’s Bureau of Industry and Security.

“What they do not show in the films, however, is the painstaking work required by national and international law enforcement agencies, in close collaboration with industry partners, to prevent such a brazen plot and facilitate an arrest like this,” Axelrod added.

The DOJ worked with the FBI and other international law enforcement agencies to dismantle the botnet and arrest Wang.

The arrest came a day after the Treasury Department sanctioned Wang and two others over their alleged involvement in 911 S5. The Treasury also imposed sanctions on three companies that Wang owned or controlled: Spicy Code Company Limited, Tulip Biz Pattaya Group Company Limited and Lily Suites Company Limited.

Wang faces a maximum of 65 years in prison for four crimes: conspiracy to commit computer fraud, material computer fraud, conspiracy to commit wire fraud and conspiracy to commit money laundering.

The charges come at a time when U.S. law enforcement agencies are trying to update protocols to keep up with more complex cybersecurity threats.

In recent years, the US has expressed particular concern about Chinese-backed hackers seeking to undermine American infrastructure.

In January, the FBI announced that it had dismantled the Chinese hacker group Volt Typhoon, which targeted U.S. hydroelectric plants, power grids and more.

“Today and literally every day, they are actively attacking our economic security and committing mass theft of our innovations and our personal and corporate data,” Wray said at a hearing in January.




2024-05-29 18:57:23

www.cnbc.com