Sunday 23 June 2024, Poradnik bezpieczeństwa

He controlled millions of computers through VPNs


The United States arrested 35-year-old Chinese national YunHe Wang for offering free VPN programs that installed malware on millions of Windows computers. Wang allegedly used infected computers to create a huge botnet, offering it to cybercriminals for a fee. VPN programs such as MaskVPN, DewVPN, Shine VPN, and ProxyGate have been in operation since 2011, containing backdoors that allow control over infected computers.

The botnet, with 19 million IP addresses in nearly 200 countries, including 613,841 in the U.S., was likely the largest in history. Wang sold access to the botnet through a "911 S5" proxy service that allowed cybercriminals to anonymously conduct hacking activities, including financial fraud and other crimes.

The Department of Justice estimates that the 911 S5 facilitated billions of dollars in theft and more than $5.9 billion in fraudulent insurance claims. Wang generated at least $99 million from the "911 S5" service, which he operated until 2022, when security researchers and journalist Brian Krebs discovered his activities. Wang tried to restart the business under the name "Cloud Router".

Wang faces a maximum sentence of 65 years in prison for computer fraud, money laundering and wire fraud. The U.S. Treasury Department imposed sanctions on Wang, his associates and companies related to them for their role in running the botnet.