The US Treasury Department has done that sanctioned three Chinese nationals and three of their companies for running a large proxy botnet operation that infected consumer devices with malware and enabled cybercrime on a global scale.
According to the Office of Foreign Assets Control (OFAC), the three individuals are Yunhe Wang, Jingping Liu and Yanni Zheng, while the companies are named Spicy Code Company Limited, Tulip Biz Pattaya Group Company Limited and Lily Suites Company Limited. owned by Yunhe Wang and registered in Thailand.
The three created and operated 911 S5, a massive botnet that controls a residential proxy service known as “911 S5.”
Painful sanctions
A residential proxy botnet is a network of compromised devices, usually PCs, smartphones and the like, located in residential areas. They are usually hijacked via malware and controlled to provide other cybercriminals with ways to route internet traffic and thus remain anonymous while performing illegal activities online.
“These individuals leveraged their malicious botnet technology to compromise personal devices, allowing cybercriminals to fraudulently secure economic relief intended for those in need and terrorize our citizens with bomb threats,” said Secretary of State Brian E. Nelson. “The Treasury Department, working closely with our law enforcement colleagues and international partners, will continue to take action to disrupt cybercriminals and other illicit actors seeking to steal from American taxpayers.”
These sanctions mean that American companies, banks and other entities are not allowed to do business with these people or these companies. Additionally, U.S. companies are not allowed to do business with other companies that do serve these individuals, so the outcome can be quite painful for those on the receiving end.
Apparently the three people offered a free VPN service, which came with a piece of malware that added their devices to the botnet. The botnet was later used by cybercriminals for a variety of things, including bomb threats made in the US two years ago. BleepingComputer reported.