How the FBI took down the world's largest zombie 'botnet' (2024)


The shutdown was dubbed Operation Tunnel Rat


By Justin Klawans, The Week US


The United States is taking a major victory lap after federal authorities took down what was allegedly the largest zombie "botnet" in the world. A Chinese national, YunHe Wang, was arrested as the mastermind of 911 S5, a proxy bot service that was "used to commit cyber attacks, large-scale fraud, child exploitation, harassment, bomb threats and export violations," the U.S. Department of Justice (DOJ) said in a press release.

The DOJ, FBI and other federal agencies, working in tandem with law enforcement from around the globe, were able to disrupt and shut down 911 S5, the press release said. Wang was arrested in Singapore "on charges that he created and operated the botnet and deployed malware." In addition, as part of the shutdown dubbed Operation Tunnel Rat, the feds "seized over $29 million in cryptocurrency, and Wang and associates were sanctioned by the U.S. Department of the Treasury," FBI Deputy Assistant Director for Cyber Operations Brett Leatherman said on LinkedIn.

The botnet is hardly the only criminal cyber operation, but was thought to be the most widespread; 911 S5 was believed to have infected more than 19 million IP addresses around the world, the DOJ said, including more than 613,000 in the U.S.


How did 911 S5 work?

The so-called "zombie" botnet was a system that deployed malware onto various computers, and was designed to infect as many devices as possible. The process began when Wang would allegedly sell his unsuspecting victims various VPN programs. These are computer extensions that are "used to encrypt an internet connection, routing it through a remote server to mask an IP address and hide the user's browsing history and location," said CBS News.

Once the victim downloaded the malicious VPN, it would supposedly give Wang access to the computer's aforementioned IP address. These are a "string of numbers and dots [that] act as unique identifiers for the devices and domains on the internet, allowing them to communicate with each other and send information back and forth," CBS said.

Wang is then alleged to have "doled out the stolen IP addresses to cybercriminals for millions of dollars to facilitate the illicit activity," said CBS. Criminals, operating under the guise of the victims' IP addresses, could then "carry out their schemes and avoid detection by law enforcement." These criminals used Wang's false IP addresses to steal "billions of dollars from financial institutions, credit card issuers and accountholders, and federal lending programs since 2014," according to a federal indictment seen by The Associated Press.

Altogether, Wang reportedly "made more than $99 million selling cybercriminals access to his hijacked devices," Attorney General Merrick Garland said in a statement, as his operation extended to nearly 200 countries. He would then use the funds to purchase luxury vehicles, real estate, watches and other high-end goods. Meanwhile, Wang's victims are "responsible for more than $5.9 billion in losses due to fraud against pandemic relief programs."

How can you protect yourself against other botnets?

The FBI has provided a framework for potential victims of 911 S5 to see if their IP address has been compromised. Moving forward, though, some sites have presented ways in which users can best protect themselves online.

It is important to keep all computer systems up-to-date, because botnets "are designed to exploit vulnerabilities in your network, which includes unpatched security risks in connected devices," said software company Ping Identity. This can be mitigated by making sure devices have updated security patches and antivirus software installed.

Another way to hinder botnets is through the use of multi-factor authentication (MFA). This "allows password-only logins to be replaced by faster and more secure login experiences," Ping Identity said. This can include a "biometric authentication method (such as a fingerprint or face identification) to authenticate" entry, making it harder for botnets to find a way in.

And if a botnet is installed on a device, it is important to detect it as quickly as possible, said cybersecurity firm SentinelOne, because "once a botnet gains entry and starts wreaking havoc, it's much more difficult to deal with." This means being on the lookout for abnormally high web server CPU load, excessive memory usage and non-native traffic profiles. All of these factors combined can help prevent the rise of further botnets.


Justin Klawans, The Week US

Justin Klawans has worked as a staff writer at The Week since 2022. He began his career covering local news before joining Newsweek as a breaking news reporter, where he wrote about politics, national and global affairs, business, crime, sports, film, television and other Hollywood news. Justin has also freelanced for outlets including Collider and United Press International.
