US DOJ Arrests YunHe Wang for Alleged $130M Botnet Scam

Botnet Scam US DOJ
Last updated:
Journalist
Journalist
Hassan Shittu
About Author

Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships.

The U.S. Department of Justice (DOJ) announced on May 29 an international law enforcement operation to disrupt the 911 S5 botnet, a major cybercriminal enterprise, which resulted in the arrest of YunHe Wang, a Chinese national, for his role in deploying malware and operating a proxy service used for various cybercrimes. Wang’s botnet compromised millions of computers worldwide and facilitated numerous illegal activities, including financial fraud, identity theft, and child exploitation.

US DOJ Operation Led To The Discovery Of the Botnet Scammer, YunHe Wang

YunHe Wang, a 35-year-old national of the People’s Republic of China and a citizen-by-investment of St. Kitts and Nevis, was arrested on May 24. He’s facing charges related to the deployment of malware and the operation of a residential proxy service known as “911 S5.”From 2014 through July 2022, Wang and his associates allegedly developed and spread malware to compromise millions of residential Windows computers globally. The compromised devices generated over 19 million unique IP addresses, with 613,841 in the United States. Cybercriminals paid for access to these infected IP addresses, generating millions of dollars in revenue for Wang.According to the indictment, Wang and his associates are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide.

Wang allegedly propagated malware through VPN programs like MaskVPN and DewVPN, using torrent distribution and pay-per-install services. He managed around 150 dedicated servers, including 76 leased from U.S.-based providers, to control infected devices and run the 911 S5 service.

The 911 S5 botnet facilitated numerous crimes, including financial fraud, identity theft, and child exploitation. The botnet also targeted pandemic relief programs, with fraudulent unemployment claims and Economic Injury Disaster Loan (EIDL) applications linked to compromised IP addresses, resulting in a confirmed fraudulent loss exceeding $5.9 billion.

From 2018 to July 2022, Wang allegedly earned approximately $99 million from selling access to the hijacked IP addresses. He invested the illicit proceeds in properties and luxury items worldwide. The indictment lists assets subject to forfeiture, including high-end cars, bank accounts, cryptocurrency wallets, luxury watches, and real estate across multiple countries.

A different analysis conducted by the blockchain analytics company Chainalysis revealed that wallet addresses linked to Wang collectively contained over $130 million in digital assets obtained through illegal commissions.

Rising Crypto Scams

The Canadian Anti-Fraud Centre (CAFC) recently warned about increased cryptocurrency scams targeting Canadian citizens. These scams mainly focus on romance scams, also known as pig butchering and investment scams. They often involve prolonged online communication where fraudsters pose as friends, romantic interests, or legitimate investment advisers to lure victims into fraudulent crypto investment schemes. Victims of these scams are often promised unrealistic investment returns through fraudulent platforms. Initially, they may be allowed to withdraw small amounts to appear legitimate, but eventually, their funds are locked, and their identities are compromised. In 2023, investment frauds cost Canadians $309.4 million, with $172 million attributed to social media-related frauds. As a preventive measure, Canada plans to implement the international Crypto-Asset Reporting Framework (CARF) by 2026 to establish new reporting requirements for crypto-asset service providers for taxation purposes.According to a recent report, fraudsters also target South Korean cryptocurrency users with an Ethereum-themed scam. In this scam, they send alarming text messages warning that users’ ETH coins will be burned due to “long-term inactivity” unless they act quickly. The messages, which appear to come from a fake global exchange named Bit-Finance, prompt recipients to click on a phishing link and enter wallet details, potentially leading to financial losses.

More Articles

DeFi News
Synthetix Acquires TLX in Token-for-Token Deal
Ruholamin Haqshanas
Ruholamin Haqshanas
2024-12-11 11:25:11
Blockchain News
Bitget COO Talks India Expansion, Stresses Compliance as Top Priority
Jai Pratap
Jai Pratap
2024-12-11 10:50:28
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors