The FBI arrests the alleged mastermind behind a vast network of compromised devices.

In an international law enforcement operation led by the U.S. Department of Justice, the operation of a botnet known as 911 S5 has been disrupted. This botnet used free VPN services to carry out various cybercrimes, including fraud, violence, and child exploitation. On May 24, YunHe Wang, a 35-year-old citizen of China and Saint Kitts and Nevis, was arrested and is accused of creating and managing this botnet scheme. Federal authorities claim that he used malware to infect millions of personal computers running Windows worldwide, forming a network with over 19 million unique IP addresses.

According to FBI Director Christopher Wray, 911 S5 is the largest botnet in the world. It has allowed cybercriminals to bypass financial fraud detection systems and steal billions of dollars from banks, credit companies, and federal loan programs. Authorities estimate that over 560,000 fraudulent unemployment insurance claims were submitted from compromised IP addresses, resulting in fixed losses of more than $5.9 billion. Additionally, in the analysis of suspected fraudulent losses from the Economic Injury Disaster Loan (EIDL) program in the U.S., over 47,000 applications were recorded from IP addresses affected by the 911 S5 botnet. The Department of Justice reported that from 2018 to July 2022, Wang earned about $99 million selling hijacked proxy IP addresses, receiving payment in both cryptocurrency and fiat currency. These funds were used to acquire real estate in the U.S., St. Kitts and Nevis, China, Singapore, Thailand, and the United Arab Emirates.

According to the Ministry of Justice, malware was distributed through free VPN programs such as MaskVPN and DewVPN, which were available on torrent sites. It was also bundled with other software, including pirated versions, thanks to installation payment services. The operator managed about 150 dedicated servers worldwide, of which 76 were rented from American internet services.

According to information from the U.S. Department of Justice, the owner of the botnet was capturing devices by infecting them with malware. As a result, the infected machines became part of the botnet, allowing their IP addresses to be rented out to cybercriminals. These cybercriminals could use the captured IP addresses to anonymously commit various crimes, hiding their true locations and identities.

The arrest of Vanga serves as a warning about the use of free VPN services, such as MaskVPN and DewVPN, which he allegedly used to spread malware and allowed cybercriminals to exploit the IP addresses of infected devices. However, this is not the only issue with free VPN services. Many of them often do not provide adequate data protection, as they rarely undergo independent audits to verify their security practices. Users of free VPNs may face slow internet speeds and an increased risk of phishing attacks.

Instead of relying on free VPNs, it’s worth considering investing in reputable paid VPN services that prioritize user privacy, security, and performance. Paid VPN providers typically implement robust encryption protocols, adhere to strict no-logs policies, and offer higher connection speeds.

To protect yourself from cybercrime, you can take several proactive steps:

• Invest in a reputable paid VPN service.Paid VPNs provide reliable encryption protocols and strict privacy policies. They also protect against tracking and hide your location.
• Install reliable antivirus software.on all your devices to prevent the installation of malware.
• Consider using services for removing personal data from the internet.These services will help you manage and automate the process of deleting your data from multiple websites.
• Create strong and unique passwordsFor your accounts. Use password managers to store and generate complex passwords.
• Enable two-factor authentication wherever possible.for adding an extra layer of security.
• Regularly update the software,to use the latest security updates and avoid vulnerabilities.

Cybercriminals are constantly coming up with new ways to exploit user data and electronic devices. It's important to note: beware of using free VPNs, even if they seem tempting. Protect your data and be cautious online.