The US arrests a Chinese man for running the world’s largest zombie network using 6 malicious VPN applications

The US Department of Justice, in cooperation with international agencies, arrested a Chinese national who distributed malware to victims’ devices using multiple malicious VPN applications. It is said to be “the largest-ever operation against botnets, which play a major role in the deployment of ransomware.”

YunHe Wang and his co-conspirators operated 911 S5, one of the largest residential proxy and botnet services, with over 19 million hacked IP addresses in over 190 countries and confirmed victim losses amounting to billions of dollars.

“Working with our international partners, the FBI conducted a joint, sequential cyber operation to take down the 911 S5 botnet, arguably the world’s largest ever botnet. We arrested its administrator, Yunhe Wang, seized infrastructure and assets, and imposed sanctions on Wang and his co-conspirators,” said FBI Director Christopher Wray.

Some of the “free” VPN apps that hackers have used to attack users around the world include MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN.

How hackers installed ransomware on devices
The 911 S5 botnet infected devices using hidden malware in the form of “proxy backdoors” embedded in free, fake VPN applications. These VPNs often come bundled with pirated software and video games, tricking victims into downloading them.

Once downloaded, the VPN app installs silently, turning the victim’s device into part of a botnet without their knowledge.

“Backdoor proxies allowed 911 S5 users to route their devices through victims’ devices, allowing criminals to commit crimes such as bomb threats, financial fraud, identity theft, child exploitation, and pre-access brokering,” the FBI says.

Tips on how to protect yourself
The FBI and partner agencies recommend taking precautions to protect against botnets:

  • Avoid free software, especially VPNs bundled with pirated content. They may contain hidden malware.
  • Avoid suspicious websites and ads. Clicking on them may download malware without your knowledge.
  • Don’t open attachments or click links in emails from unknown senders, especially if they seem urgent or require personal information.
  • Update your antivirus software and operating systems regularly to ensure they can identify the latest threats.