An international law enforcement operation led by the Department of Justice (DOJ) took down a botnet called 911 S5 that used free VPNs to facilitate a variety of cybercrimes, including fraud, harassment, and child exploitation.
YunHe Wang, 35, a Chinese citizen and a citizen of Saint Kitts and Nevis, was arrested on May 24 on charges of creating and operating an entire botnet scheme. Federal authorities say he used malware to infect millions of personal Windows computers around the world, creating a network of more than 19 million unique IP addresses.
Get security alerts and expert tips – sign up for CURT's newsletter here – CYBERGUY Report
Impact of Botnet Schemes
Mr. Wang is known to have created a system that allows cybercriminals to obscure their identities and commit crimes. He did so by creating and distributing a botnet called 911 S5 to compromise and amass networks of millions of home Windows computers around the world from 2014 until July 2022. DOJ. These devices were associated with more than 19 million unique IP addresses, including 613,841 IP addresses in the United States.
FBI Director Christopher Wray called 911 S5 the world's largest botnet. This allows cybercriminals to bypass financial fraud detection systems and steal billions of dollars from banks, credit card companies, and federal lending programs. The government estimates that 560,000 fake unemployment insurance claims originated from compromised Internet addresses, resulting in confirmed losses of more than $5.9 billion.
“Additionally, in assessing suspected fraud losses for the Economic Injury Disaster Loan (EIDL) program, the United States estimates that more than 47,000 EIDL applications originated from IP addresses compromised by 911 S5,” the Justice Department said. “Financial institutions in the United States have similarly seen millions of additional dollars in losses from IP addresses compromised by 911 S5.”
The Justice Department alleges that from 2018 to July 2022, Wang earned approximately $99 million through Operation 911 S5, selling hijacked proxy IP addresses and accepting payments in cryptocurrency and fiat currency. With this money, Mr. Wang purchased real estate in the United States, St. Kitts and Nevis, China, Singapore, Thailand, and the United Arab Emirates.
How to remove personal data from the Internet
Voice cloning is scammers' new weapon for family emergency planning.
How Botnets Work
According to the DOJ, the malware was spread through free VPN programs such as MaskVPN and DewVPN distributed through torrent sites. It was also bundled with other programs, including pirated software, using paid installation services.
The operator managed approximately 150 dedicated servers worldwide, 76 of which were leased from US online service providers. These servers were reportedly used to distribute and manage malicious applications, control infected devices, run the 911 S5 service, and provide paying customers with access to the IP addresses of compromised devices.
Essentially, the operator hijacked the device by infecting it. malware, DOJ said. Infected devices became part of a botnet, allowing their IP addresses to be leased to cybercriminals. These cybercriminals can then use the hijacked IP addresses to carry out a variety of crimes anonymously while hiding their actual location and identity.
Cyber fraudsters use AI to manipulate Google search results.
Why you should avoid free VPNs
Wang's arrest serves as a warning against using free VPN services. As discussed, he reportedly exploited free VPNs such as MaskVPN and DewVPN to distribute malware and allow cybercriminals to misuse the IP addresses of infected devices. But that's not the only downside to free VPNs.
Free VPN services often lack strong data protection measures because they are not typically audited by third parties to verify their security practices. Free VPN users may also experience slower internet speeds and increased risks of: phishing attack.
Instead of relying on a free VPN, you should consider investing in one. Reputable Paid VPN Service User privacy, security, and performance are our top priorities. Paid VPN providers are more likely to implement strong encryption protocols, maintain strict no-logs policies, and offer faster connection speeds.
'Unsubscribe' email scam targeting Americans
6 proactive steps you should take to protect yourself from these scams
You can easily protect your data or personal devices from being misused by cybercriminals by following these steps:
1) Invest in a reputable paid VPN service. Paid VPN services offer strong encryption protocols, strict no-logs policies, and faster connection speeds, ensuring improved privacy and security when browsing the Internet or accessing online services. Paid VPN services can prevent tracking and potentially identify your location on the websites you visit. Many sites can read your IP address and, depending on your privacy settings, display the city you live in. A VPN spoofs your IP address to show an alternate location. To find the best VPN software, read our expert reviews of the best VPNs for browsing the web privately on your computer. Windows, Mac, Android and iOS devices.
2) You must have strong antivirus software. The best way to protect yourself from clicking on malicious links that install malware that can access your personal information is to install antivirus protection on all your devices. It may also alert you to phishing emails or ransomware scams. Check out our picks for the best 2024 antivirus protection for Windows, Mac, Android, and iOS devices..
3) Invest in a personal data removal service. Although no service guarantees the removal of all data from the Internet, we recommend using a removal service if you want to continuously monitor and automate the process of removing information from hundreds of sites on an ongoing basis over a long period of time. Use my recommendations here to remove your personal data from the internet..
4) Use a strong and unique password. Create strong passwords for your accounts and devices and avoid using the same password for multiple online accounts. Consider using password manager Securely store and create complex passwords. It helps you create unique, hard-to-crack passwords that hackers can never guess. Second, it keeps track of all your passwords in one place and enters them for you when you log into your account, so you don't have to remember them yourself. The fewer passwords you remember, the less likely you are to reuse them across your accounts.
5) Enable two-factor authentication: enable double element proof Whenever possible. This adds an additional layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.
6) Keep your software and operating system up to date. Periodically software updateKeep your applications and operating systems up to date with security patches and vulnerability fixes to reduce the risk of exploitation by malware or cybercriminals.
Subscribe to Kurt's YouTube channel for quick video tips on how all your tech gadgets work.
Kurt’s Key Takeaways
Cybercriminals devise new ways to exploit you, your data, and your electronic devices. It's hard to predict what new tactics they have in store, but you can protect yourself by being extra careful when browsing the web, dealing with phishing calls, and clicking on links. The current cybercrime situation teaches us not to use free VPN services, even if they sound very tempting.
Do you use a free VPN or a paid VPN service? What do you like about these services? Please let us know by sending a letter to: Cyberguy.com/Contact Us.
Subscribe to the free CyberGuy Report newsletter for more tech tips and security alerts. Cyberguy.com/Newsletter.
Ask Kurt a question or let him know what story you'd like us to cover..
Follow Kurt's social channels:
Answers to CyberGuy's most frequently asked questions:
Copyright 2024 CyberGuy.com. All rights reserved.