Skip to main content

Already a subscriber? Make sure to log into your account before viewing this content. You can access your account by hitting the “login” button on the top right corner. Still unable to see the content after signing in? Make sure your card on file is up-to-date.

The United States Treasury has announced new sanctions on three Chinese individuals and three Thai companies implicated in a significant cybercrime network.

The US Treasury revealed that these entities were involved in the 911 S5 botnet, a notorious cybercrime operation responsible for bomb threats and fraudulent COVID-19 aid applications. This cyber network misled authorities by redirecting cybercriminal activities back to the computers of unsuspecting victims, resulting in billions of dollars in government losses.


What they did:
According to the Treasury, the cybercriminals compromised approximately 19 million IP addresses and facilitated the submission of tens of thousands of fraudulent applications related to the Coronavirus Aid, Relief, and Economic Security Act programs by its users, resulting in the loss of “billions of dollars” to the US government. The IP addresses compromised by the 911 S5 service were also linked to a series of bomb threats made throughout the United States in July 2022.

In a statement, Brian Nelson, the Treasury undersecretary for terrorism and financial intelligence, said, “These individuals leveraged their malicious botnet technology to compromise personal devices, enabling cybercriminals to fraudulently secure economic assistance intended for those in need and to terrorize our citizens with bomb threats.” Nelson noted that this

According to the Treasury, “The 911 S5 botnet was a malicious service that compromised victim computers and allowed cybercriminals to proxy their internet connections through these compromised computers. Once a cybercriminal had disguised their digital tracks through the 911 S5 botnet, their cybercrimes appeared to trace back to the victim’s computer instead of their own.”

Who is sanctioned:
In a press release, the Treasury said Yunhe Wang, Jingping Liu, Yanni Zheng, Spicy Code Company Limited, Tulip Biz Pattaya Group Company Limited, and Lily Suites Company Limited were all sanctioned. According to the Treasury, Yunhe Wang used the funds to acquire luxury real estate in Thailand.


Keep up to date with our latest videos, news and content