FBI Botnet Takedown: 911 S5 With 19 Million Infected Devices

/in


The U.S. Department of Justice (DoJ) recently announced the successful takedown of what is likely the largest botnet ever recorded. This network, known as 911 S5, involved 19 million device botnet disruption across 190 countries and was used by various threat actors for numerous cybercrimes. Let’s have a look at the FBI botnet takedown and as well as how to protect yourself from botnets.

 

FBI Botnet Takedown – The Arrest and Charges


YunHe Wang, a 35-year-old Chinese national, was arrested in Singapore on May 24, 2024. Wang is accused of creating and administering the illegal platform from 2014 until July 2022. He faces multiple charges, including conspiracy to commit computer fraud, wire fraud, and money laundering. If convicted, he could be sentenced to a maximum of 65 years in prison.


Botnet Attack Examples


The Justice Department revealed that the botnet was used for various malicious activities such as cyber attacks, financial fraud, identity theft, child exploitation, harassment, bomb threats, and export violations. Security journalist Brian Krebs identified Wang as the operator of 911 S5 in July 2022, leading to the service’s abrupt shutdown on July 28, 2022, due to a data breach. Although it briefly reappeared under the name CloudRouter, it has since ceased operations.


FBI Cyber Security Investigations


Residential proxies (RESIPs) route traffic through legitimate user devices, providing anonymity for malicious activities. According to court documents, Wang allegedly spread the malware through free VPN programs like MaskVPN and DewVPN, and through pay-per-install services bundled with pirated software. Wang managed an extensive infrastructure of 150 servers worldwide, including 76 from U.S.-based service providers. These servers were used to control infected devices and offer access to the compromised IP addresses for a fee.


Financial Impact and Fraud


The 911 S5 botnet allowed criminals to bypass financial fraud detection systems, enabling them to steal billions from financial institutions and federal lending programs, including pandemic relief funds. This service facilitated illegal purchases and export of goods using stolen credit cards. Wang is estimated to have…

Source…