Chinese Hacker Arrested In Singapore For Allegedly Running ‘World’s Largest’ Cybercrime Botnet

Chinese Hacker Arrested In Singapore For Allegedly Running 'World's Largest' Cybercrime Botnet

Police have arrested a Chinese national in Singapore for creating and using malware that was used in large-scale fraud, child exploitation and cyberattacks. The arrest was made under an international operation.

On May 24, 35-year-old Wang Yunhe was nabbed from his home in Singapore in connection with his suspected involvement in cybercriminal activities in the United States, the Singapore Police Force (SPF) confirmed.

Following the arrest, the United States has raised an extradition request, the SPF tol CNA. The US and Singapore have an extradition treaty.

According to US officials, Wang was responsible for running a major botnet for nearly 10 years.

The ‘911 S5’ botnet, which is a network of malware-infected computers in around 200 countries, could be the largest in the world, the US Department of Justice (DOJ) quoted FBI Director Christopher Wray as saying.

With the sale of access to these computers to criminals, The ‘911 S5’ botnet reportedly amassed millions in profits. These computers were used by the criminals for child exploitation, financial fraud and identity theft.

Brett Leatherman, FBI’s deputy assistant director for cyber operations, said search warrants were released in Singapore and Thailand.

Wang and unnamed others allegedly “created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide”, the DOJ said in a statement on May 29.

Between the period from 2018 until July 2022, the sales of the hijacked proxied IP addresses brought US$99 million to Wang, either in cryptocurrency or fiat currency, the DOJ said.

After buying access to the infected IP addresses, the cybercriminals then bypassed financial fraud detection systems and stole “billions of dollars from financial institutions, credit card issuers and federal lending programmes”, said the DOJ.

This includes fraudulent loss amounting to more than US$5.9 billion from 560,000 fraudulent unemployment insurance claims, that originated from compromised IP addresses, said the DOJ.

Wang took advantage of his illicit gains to buy 21 properties in the US, China, Thailand, Singapore, the United Arab Emirates and St Kitts and Nevis, where he obtained citizenship using investment, the indictment says.

His assets and properties included over two dozen cryptocurrency wallets and luxury watches, sports cars, more than a dozen domestic and international bank accounts.

The assistant secretary for export enforcement at the US Department of Commerce’s Bureau of Industry and Security, Matthew S Axelrod, said the alleged crimes against Wang read like they are “ripped from a screenplay”.

“A scheme to sell access to millions of malware-infected computers worldwide, enabling criminals over the world to steal billions of dollars, transmit bomb threats and exchange child exploitation materials – then using the scheme’s nearly US$100 million in profits to buy luxury cars, watches and real estate,” he said.

Leave a Reply

Your email address will not be published. Required fields are marked *