The FBI destroys a huge global army of zombie computing devices

(Bloomberg) — The FBI said it has taken down what is believed to be the world’s largest botnet – an army of 19 million infected computers – that was leased to hackers to commit cybercrimes.

Most read by Bloomberg

The botnet, which is spread across more than 190 countries, has enabled financial fraud, identity theft and access to child exploitation materials around the world, according to a statement issued Wednesday by FBI Director Christopher Wray. A Justice Department statement said other botnet-related breaches included bomb threats and cyberattacks that likely led to multibillion-dollar losses for victims.

Authorities said the botnet was linked to more than 613,000 U.S.-based IP addresses. Botnets are created when cybercriminals install malware on computers or other connected devices and use them for nefarious activities, creating an army of zombie devices whose owners are usually unaware of what is happening.

Wray said law enforcement seized equipment and internet assets and imposed sanctions on the botnet’s alleged administrator, YunHe Wang, as well as his co-conspirators.

Wang, a Chinese national, was arrested in Singapore on May 24 on charges of allegedly installing malware and creating and operating a consumer proxy service known as “911 S5.” According to the US government, it was launched in 2014 and relied on a network of millions of infected Windows home computers. According to the Department of Justice, Wang then made millions of dollars by offering cybercriminals access to infected IP addresses for a fee.

According to Brett Leatherman, deputy director of the FBI’s cyber division, the United States is currently awaiting extradition. “You know, we want him as soon as possible,” Leatherman told reporters in a telephone interview Wednesday.

He added that the FBI and international partners also executed multiple search and interrogation warrants in Singapore and Thailand, which may have led to additional arrests.

The law enforcement operation called Operation Tunnel Rat also seized luxury goods, including expensive cars and watches worth $4 million, as well as more than $29 million in cryptocurrencies and approximately $30 million in real estate in Singapore, Thailand, Dubai and where elsewhere, as well as 22 domains, officials say.

Private IP addresses were compromised when users downloaded certain free software or virtual private network applications to their devices that unknowingly contained botnet-related malware, Leatherman said. The FBI has released a website where anyone can check whether their IP address was among those breached.