YunHe Wang Arrested by US DOJ in $130M Botnet Scam
The United States Department of Justice (DOJ) has made a significant breakthrough in its fight against cybercrime. On May 29, the DOJ announced the arrest of YunHe Wang, a Chinese national, for his involvement in a major cybercriminal enterprise known as the 911 S5 botnet. Wang, who is 35 years old and holds citizenship in both China and St. Kitts and Nevis, faces charges related to the deployment of malware and the operation of a residential proxy service.
Wang’s actions have had far-reaching consequences, as his botnet compromised millions of computers worldwide. This network of compromised devices facilitated a wide range of illegal activities, including financial fraud, identity theft, and child exploitation. Wang and his associates are accused of creating and distributing malware that infected millions of residential Windows computers globally, generating over 19 million unique IP addresses, with more than 600,000 in the United States. Cybercriminals paid for access to these infected IP addresses, resulting in millions of dollars in revenue for Wang.
The indictment against Wang outlines the methods he and his associates used to propagate malware. They utilized popular VPN programs such as MaskVPN and DewVPN, leveraging torrent distribution and pay-per-install services. Wang was responsible for managing approximately 150 dedicated servers, 76 of which were leased from providers based in the United States. These servers allowed him to control the infected devices and run the 911 S5 service.
The 911 S5 botnet enabled a wide range of criminal activities, including financial fraud, identity theft, and child exploitation. Additionally, the botnet targeted pandemic relief programs, leading to fraudulent unemployment claims and Economic Injury Disaster Loan (EIDL) applications linked to compromised IP addresses. The confirmed fraudulent loss resulting from these activities exceeds $5.9 billion.
Wang’s illicit activities have been highly lucrative. From 2018 to July 2022, he allegedly earned approximately $99 million from selling access to the hijacked IP addresses. He used these illicit proceeds to invest in properties and luxury items around the world. The indictment includes a list of assets subject to forfeiture, including high-end cars, bank accounts, cryptocurrency wallets, luxury watches, and real estate in multiple countries.
It has also been revealed that wallet addresses linked to Wang contain over $130 million in digital assets acquired through illegal commissions, according to an analysis conducted by blockchain analytics company Chainalysis.
The arrest of YunHe Wang is a significant victory in the fight against cybercrime. However, it serves as a reminder of the rising number of crypto scams targeting individuals worldwide. The Canadian Anti-Fraud Centre recently issued a warning about the increasing prevalence of cryptocurrency scams in Canada, particularly romance scams and investment scams. These scams involve fraudsters posing as friends, romantic partners, or legitimate investment advisors to deceive victims into fraudulent cryptocurrency investment schemes. Victims are promised unrealistic returns and may initially be allowed to make small withdrawals to maintain the illusion of legitimacy. However, their funds are eventually locked, and their identities are compromised.
In 2023, Canadians lost a total of $309.4 million to investment fraud, with $172 million attributed to frauds related to social media. To combat these scams, Canada plans to implement the Crypto-Asset Reporting Framework (CARF) by 2026. This framework will establish new reporting requirements for crypto-asset service providers for taxation purposes.
Fraudsters are also targeting South Korean cryptocurrency users with an Ethereum-themed scam. They send alarming text messages, pretending to be from a fake global exchange called Bit-Finance, warning users that their ETH coins will be burned due to “long-term inactivity” unless they act quickly. The messages prompt recipients to click on a phishing link and enter their wallet details, potentially leading to financial losses.
The arrest of YunHe Wang and the ongoing efforts to combat cybercrime serve as a reminder of the importance of vigilance in the digital age. Individuals must remain cautious and informed to protect themselves from scams and criminal activities conducted online.
