An international law enforcement operation led by the Department of Justice (DOJ) has taken down a botnet known as 911 S5 that was using free VPNs to facilitate a variety of cybercrimes, including fraud, harassment, and child exploitation.
Wang Yunhe, a 35-year-old Chinese and St. Kitts and Nevis national, was arrested on May 24 for allegedly creating and running the entire botnet scheme. According to the Federal Bureau of Investigation, he used malware to infect millions of personal Windows computers around the world, creating a network with more than 19 million unique IP addresses.
Get security alerts, expert tips – Sign up for KURT’s newsletter – The Cyber Guy Report here
Cybercriminals’ work (Kurt “Cyberguy” Knutson)
Impact of Botnet Project
Wang is accused of creating a system that allowed cybercriminals to conceal their identities and commit crimes. He created and spread a botnet called 911 S5 between 2014 and July 2022, compromising and harvesting data from millions of home Windows computers around the world, according to the Federal Bureau of Investigation. Department of JusticeThese devices were associated with over 19 million unique IP addresses, including 613,841 IP addresses located in the United States.
FBI Director Christopher Wray called 911 S5 the world’s largest botnet. Cybercriminals can use it to evade financial fraud detection systems and steal billions of dollars from banks, credit card companies, and federal loan programs. The government estimates that 560,000 fake unemployment insurance claims were made from the compromised Internet addresses, with confirmed losses exceeding $5.9 billion.
“Further, in assessing losses from alleged fraud against the Economic Injury Disaster Loan (EIDL) program, the United States estimates that more than 47,000 EIDL applications originated from IP addresses compromised by 911 S5,” the Department of Justice wrote. “Millions of dollars more have also been identified as losses originating from IP addresses compromised by 911 S5 by U.S. financial institutions.”
The Department of Justice alleges that Wang made approximately $99 million by selling hijacked proxy IP addresses through Operation 911 S5 and receiving payments in both crypto and fiat currency from 2018 through July 2022. Wang used the money to purchase real estate in the United States, St. Kitts and Nevis, China, Singapore, Thailand and the United Arab Emirates.
How to remove your personal information from the internet
Windows laptop on a desk (Kurt “Cyberguy” Knutson)
Voice cloning is the latest weapon in family emergency scams
How Botnets Work
According to the Department of Justice, the malware was spread through free VPN programs such as MaskVPN and DewVPN that were distributed via torrent sites, and was also bundled with other programs, including pirated software, using pay-per-install services.
The operator controlled around 150 dedicated servers worldwide, 76 of which were rented from online service providers in the U.S. These servers were allegedly used to deploy and manage malicious applications, control infected devices, run 911 S5 services, and provide paying customers with access to the IP addresses of compromised devices.
Essentially, the operators hijacked the device by infecting it. MalwareThe Justice Department said the infected devices could become part of a botnet, with their IP addresses rented out to cybercriminals who could use them to carry out a variety of crimes anonymously while concealing their true location and identity.
Woman working on a laptop (Kurt “Cyberguy” Knutson)
Cybercriminals use AI to manipulate Google search results
Why you should avoid free VPNs
Wang’s arrest serves as a warning against the use of free VPN services. As mentioned above, he is accused of abusing free VPNs such as MaskVPN and DewVPN to distribute malware and allow cybercriminals to exploit the IP addresses of infected devices. However, this is not the only drawback of free VPNs.
Free VPN services often lack strong data protection measures because they are not subject to third-party audits to verify their security practices, and free VPN users may experience slower internet speeds and a higher risk of infection. Phishing Attacks.
Instead of relying on free VPNs, consider investing in one Reputable paid VPN services They prioritize user privacy, security, and performance. Paid VPN providers are more likely to implement strong encryption protocols, maintain strict no-logs policies, and offer faster connection speeds.
‘Unsubscribe’ email scam targets Americans
6 precautions to protect yourself from fraud
By following these steps, you can easily prevent cybercriminals from misusing your data and personal devices.
1) Invest in a reputable paid VPN service: Paid VPN services offer strong encryption protocols, strict no-logs policies, and faster connection speeds, enhancing your privacy and security when browsing the internet and accessing online services. Paid VPN services can also prevent tracking and identify your potential location on websites you visit. Many sites can read your IP address and, depending on your privacy settings, may show the city you are communicating from. A VPN disguise your IP address to show a different location. For the best VPN software, check out my expert reviews of the best VPNs for browsing the web privately on your phone. Windows, Mac, Android and iOS devices.
2) Deploy powerful antivirus software: The best way to protect yourself from clicking on malicious links that could install malware that could access your personal information is to install antivirus protection on all your devices, which will also warn you about phishing emails and ransomware scams. We’ve handpicked the winners of the best antivirus protection of 2024 for Windows, Mac, Android and iOS devices.
3) Invest in a personal data deletion service: No service promises to delete all your data from the Internet, but if you want to constantly monitor and automate the process of continually deleting information from hundreds of sites over a long period of time, a deletion service can be a useful tool. Use my recommendations here to remove your personal data from the internet.
4) Use strong, unique passwords: Create strong passwords for your accounts and devices, and avoid using the same password for multiple online accounts. password manager Securely store and generate complex passwords. It helps you create unique, hard-to-crack passwords that hackers can’t guess. It also tracks all your passwords in one place and enters them when you log into your accounts so you don’t have to remember them yourself. The fewer passwords you have to remember, the less likely you are to reuse them on your accounts.
5) Enable 2-factor authentication: To enable Two-factor certification Whenever possible, they will require a second form of verification, such as a code sent to your mobile phone, in addition to your password, providing an extra layer of security.
6) Keep your software and operating system up to date: Regularly Update your softwareapplications, and operating systems with the latest security patches and vulnerability fixes to reduce the risk of malware and exploits by cybercriminals.
Subscribe to KURT’s YouTube channel for quick video tips on how to use all kinds of tech gadgets.
Important points about the cart
Cybercriminals will always find new ways to exploit you, your data, and your electronic devices. It’s hard to predict what new tactics they’ll have up their sleeves, but you can protect yourself by being extremely careful when browsing the web, responding to phishing calls, and clicking on links. The current cybercrime landscape teaches us not to use free VPN services, even if they seem very attractive.
Do you use a free or paid VPN? Which service do you prefer? Let us know. Cyberguy.com/Contact Us.
If you want to hear more of my tech tips and security alerts, subscribe to the free CyberGuy Report newsletter at the link below. Cyberguy.com/Newsletter.
Have a question for Kurt or tell us the story you’d like to see featured?.
Follow Kurt on his social channels:
Answers to the CyberGuy’s most frequently asked questions:
Copyright 2024 CyberGuy.com. All Rights Reserved.
