A Chinese national allegedly pocketed roughly $99 million by selling access to millions of home computers around the world — including hundreds of thousands in the United States — to cybercriminals, federal officials say.
YunHe Wang, 35, crafted malware used to compromise more than 19 million residential Windows computers worldwide, including nearly 614,000 in the U.S., the Department of Justice announced on Wednesday. From 2014 through July 2022, Wang and others ran a botnet that “facilitated cyberattacks, large-scale fraud, child exploitation, harassment, bomb threats and export violations,” Attorney General Merrick Garland stated in a news release.
Wang was arrested last week on criminal charges stemming from his deployment of malware and creating and operating a residential proxy service known as “911 S5.”
The service let cybercriminals bypass financial fraud detection systems to steal billions from financial institutions, credit card issuers and federal lending programs, including more than $5.9 billion in fraudulent unemployment claims in the U.S. during the pandemic, authorities said. The scheme’s nearly $100 million in profits allegedly paid for luxury cars, watches and real estate.
Wang faces a maximum of 65 years in prison if convicted of charges that include conspiracy to commit computer fraud.
The Treasury Department issued financial sanctions against Wang and two others for activities associated with 911 S5, which was taken offline in July 2022 before reemerging as Cloudrouter in October 2023, officials said.
To determine if you are a victim of 911 S5 malware, please visit www.fbi.gov/911S5.