The United States and Europe have jointly announced major takedowns of cybercrime networks that have defrauded individuals and organizations out of billions of dollars.
In the US, authorities arrested Chinese national YunHe Wang and seized luxury assets, including a Ferrari, several luxury watches, and 21 properties. Meanwhile, Europol, Europe’s law enforcement agency, made four arrests but reported that eight fugitives remain at large and will be added to Europe’s “most wanted” list.
Both the US Department of Justice (DoJ) and Europol claim their operations represent the largest bust of a “botnet” in history. Cybercriminals utilize these botnets to take control of people’s computers and install malicious software, which can collect sensitive data, send spam, or even delete personal files without the owner’s consent.
According to the DoJ, Wang is accused of using a botnet to compromise more than 19 million devices in nearly 200 countries. Nicole Argentieri, the principal deputy assistant attorney general, stated, “Wang created malware that compromised millions of residential computers worldwide and sold access to these infected systems to cybercriminals.” This access allowed criminals to conceal their identities and engage in various offenses, including fraud, child exploitation, harassment, and even bomb threats.
The DoJ estimates that over 500,000 fraudulent unemployment insurance claims were sent from computers under Wang’s control, resulting in losses exceeding $5.9 billion (£4.6 billion). The agency claims that Wang used the proceeds from his cybercrimes to purchase $60 million worth of luxury assets, including a Ferrari, a Rolls-Royce, two BMWs, and several watches, as well as bank accounts and cryptocurrency wallets. He also acquired properties in the US, St. Kitts and Nevis, China, Singapore, Thailand, and the United Arab Emirates.
Wang faces multiple charges, including conspiracy to commit computer fraud, substantive computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering. If convicted on all counts, he could face a maximum sentence of 65 years in prison.
On the European front, Europol reported that it has arrested the ringleaders of several cybercrime networks utilizing botnets. Arrests have been made in Armenia and Ukraine, and servers have been dismantled across the globe, including in the UK, US, and Germany. European law enforcement now controls over 2,000 websites linked to these criminal activities.
One of the main suspects reportedly earned over €69 million (£58 million) in cryptocurrency through ransomware, a method that installs software rendering a person’s computer inaccessible until a fee is paid. Europol has also announced plans to add eight fugitives wanted in Germany for their involvement in cybercrime to its most wanted list.
The malicious software primarily infiltrated individuals’ devices through phishing attempts and compromised websites. Europol indicated that the takedown, dubbed Operation Endgame, is ongoing, with further operations planned for the future.