(Bloomberg) — The FBI said it has dismantled what is likely the world’s largest botnet — an army of 19 million infected computers — that was being rented out to hackers for cybercrimes.
Most read on Bloomberg
The botnet, spread in more than 190 countries, enabled financial fraud, identity theft and access to child exploitation materials around the world, according to a statement released Wednesday by the director of the FBI, Christopher Wray. Other breaches linked to the botnet included bomb threats and cyberattacks, likely resulting in billions of dollars in victim losses, according to a Justice Department statement.
The botnet was linked to more than 613,000 IP addresses located in the United States, authorities said. Botnets are created when cybercriminals install malware on computers or other connected devices and exploit them to carry out nefarious activities, creating an army of zombies whose owners are usually unaware of what is happening.
Law enforcement seized hardware and internet assets and imposed sanctions against the botnet’s alleged administrator, YunHe Wang, as well as co-conspirators, Wray said.
Wang, a Chinese citizen, was arrested in Singapore on May 24, accused of allegedly deploying malware and creating and operating a residential proxy service known as “911 S5.” According to the US government, it was launched in 2014 and relied on a network of millions of compromised residential Windows computers. Wang then generated millions of dollars by offering cybercriminals paid access to these infected IP addresses, according to the Justice Department.
The United States is now awaiting their extradition, according to Brett Leatherman, deputy assistant director of the FBI’s Cyber Division. “We want it, you know, as soon as possible,” Leatherman told reporters on a call Wednesday.
The FBI and its international partners also executed several search warrants and interviews in Singapore and Thailand that could lead to additional arrests, he added.
The law enforcement operation, dubbed Operation Rat Tunnel, also seized luxury goods including expensive cars and watches worth $4 million, as well as more than $29 million in cryptocurrency and approximately $30 million in real estate in Singapore, Thailand, Dubai and elsewhere, plus $22 million. areas, officials said.
Residential IP addresses were compromised when users downloaded certain free software or virtual private network applications to their devices, which unknowingly contained malware associated with the botnet, Leatherman said. The FBI has published a web page where members of the public can check if their IP address is among those compromised.
Most read from Bloomberg Businessweek
©2024 Bloomberg LP
