The United States has declared the takedown of one of the largest botnets globally

The US Department of Justice (DOJ) has announced the shutdown of a global malware network responsible for stealing $5.9 billion (£4.65 billion) and implicated in various other criminal activities. Collaborating with the FBI and international partners, the DOJ dismantled what is believed to be the largest botnet ever identified.

YunHe Wang, a Chinese national holding citizenship in St Kitts and Nevis, stands charged with creating and operating the network. The charges against Wang include conspiracy to commit computer fraud, substantive computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering, carrying a maximum penalty of 65 years in prison upon conviction.

Operating from approximately 150 servers worldwide, Wang and accomplices allegedly managed the botnet, named 911 S5, between 2014 and 2022. The network infiltrated over 19 million Internet Protocol (IP) addresses across nearly 200 countries, engaging in cyber attacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations.

The US government estimates that over half a million fraudulent unemployment insurance claims stemmed from compromised IP addresses, resulting in the $5.9 billion loss. Additionally, the botnet facilitated the purchase of goods with stolen credit cards and money laundering.

Wang purportedly profited around $99 million by selling access to the compromised IP addresses. He invested in properties across the US, St Kitts and Nevis, China, Singapore, Thailand, and the United Arab Emirates. Law enforcement agencies in Singapore and Thailand, alongside tech giant Microsoft, aided in the investigation, leading to the seizure or identification of assets worth approximately $60 million, including luxury vehicles and high-value watches.