DOJ accuses Chinese national of $5.9 billion Covid botnet fraud

A global malware network responsible for the theft of $5.9 billion in Covid relief funds and linked to other crimes such as child exploitation and bomb threats has been shut down, Justice Department officials say announced Wednesday.

The DOJ arrested 35-year-old YunHe Wang, a Chinese national accused of creating the “botnet,” a type of malware that connects a network of hacked devices, which criminals can then use remotely to carry out cyberattacks .

Federal Bureau of Investigation Director Christopher Wray said it is “probably the world's largest botnet ever.”

From 2014 to 2022, Wang launched and operated the botnet, called “911 S5,” from about 150 servers worldwide, including some in the US, according to the indictment. The botnet hacked more than 19 million IP addresses in nearly 200 countries, the DOJ announcement said. According to the indictment, approximately 614,000 IP addresses were located in the US.

The FBI has one DIY guide allowing users to identify whether their devices were targeted by a 911 S5 attack and, if so, how to remove the malware.

Wang allegedly sold access to the compromised IP addresses to cybercriminals and collected at least $99 million, using it to purchase luxury cars, watches and property worldwide, the DOJ announcement said.

911 S5 was also used for fraud, stalking, harassment, illegal export of goods and other crimes, the DOJ said. The botnet specifically targeted Covid relief programs and submitted an estimated 560,000 false unemployment insurance claims, stealing $5.9 billion.

“The conduct alleged here reads as if it was plucked from a screenplay,” said Assistant Secretary for Export Enforcement Matthew S. Axelrod of the Commerce Department's Bureau of Industry and Security.

“What they don't show in the films, however, is the painstaking work it takes for domestic and international law enforcement agencies, working closely with industry partners, to take down such a brazen scheme and make an arrest like this happen ,” Axelrod added.

The DOJ worked with the FBI and other international law enforcement agencies to dismantle the botnet and arrest Wang.

The arrest follows a day later Finance Department has sanctioned Wang and two others for their alleged involvement in 911 S5. The Treasury Department also imposed sanctions on three companies that Wang owned or controlled: Spicy Code Company Limited, Tulip Biz Pattaya Group Company Limited and Lily Suites Company Limited.

Wang faces a maximum sentence of 65 years in prison with four criminal counts: conspiracy to commit computer fraud, substantive computer fraud, conspiracy to commit wire fraud and conspiracy to commit money laundering.

The charges come as U.S. law enforcement agencies try to update protocols to keep up with more advanced cybersecurity threats.

In recent years, the US has expressed particular concern about Chinese-backed hackers seeking to undermine US infrastructure.

In January, the FBI announced that it had dismantled the Chinese hacking group 'Volt Typhoon', which targeted US water plants, electricity grids and more.

“Today, and literally every day, they are actively attacking our economic security and engaging in wholesale theft of our innovation and our personal and corporate data,” Wray said at a hearing in January.

Related Posts

The White House is praising Biden's new immigration policy toward undocumented spouses of U.S. citizens

The White House is praising Biden’s new immigration policy toward undocumented spouses of U.S. citizens, With less than five months to go the general electionsPresident Biden announced sweeping federal action…

Texas doctor charged with obtaining confidential patient information about transgender care

A Texas doctor who calls himself a whistleblower on transgender care for minors is accused of illegally obtaining private information about patients at the nation's largest children's hospital who were…

Leave a Reply

Your email address will not be published. Required fields are marked *

You Missed

North Korea appears to be building walls near the DMZ, satellite images show

  • June 22, 2024
North Korea appears to be building walls near the DMZ, satellite images show

Google's VPN may be causing connection issues on the Pixel 8

  • June 22, 2024
Google's VPN may be causing connection issues on the Pixel 8

The Florida judge responsible for the secret trial against Trump files a dossier

  • June 22, 2024
The Florida judge responsible for the secret trial against Trump files a dossier

Hacker claims to have 30 million customer details of Australian ticket seller TEG

  • June 22, 2024
Hacker claims to have 30 million customer details of Australian ticket seller TEG

‘Slave Play’ playwright Jeremy O. Harris is on a mission to diversify theater : NPR

  • June 22, 2024
‘Slave Play’ playwright Jeremy O. Harris is on a mission to diversify theater : NPR

Fauci blames Trump's administration staff for feeding him misinformation and hostility

  • June 22, 2024
Fauci blames Trump's administration staff for feeding him misinformation and hostility

CDK Global Cyberattack Leaves Thousands of Car Dealers Spinning Their Wheels

  • June 22, 2024
CDK Global Cyberattack Leaves Thousands of Car Dealers Spinning Their Wheels

Why will Kylian Mbappé wear a mask at Euro 2024 and what are the rules?

  • June 22, 2024
Why will Kylian Mbappé wear a mask at Euro 2024 and what are the rules?

Angel Reese makes WNBA rookie double-double history: NPR

  • June 22, 2024
Angel Reese makes WNBA rookie double-double history: NPR

Refrigerating 'blood oranges' could even make them healthier – a bonus for consumers

  • June 22, 2024
Refrigerating 'blood oranges' could even make them healthier – a bonus for consumers

Why Anthropic's Artifacts May Be This Year's Most Important AI Feature: Interface Battle Reveal

  • June 22, 2024
Why Anthropic's Artifacts May Be This Year's Most Important AI Feature: Interface Battle Reveal