Online Fraud - Police Agencies Recover Stolen $Millions

Uploaded on 2024-05-31 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

US and EU law enforcement agencies have separately announced major take-downs of cyber crime networks that had defrauded people of $billions. 

Law enforcement agencies in Singapore and Thailand, as well as Microsoft, were amongst the organisations that helped with the investigation. 

Both the US Department of Justice (DoJ) and Europol each claimed their operations were the biggest bust of a botnet in the world and the DoJ said Mr Wang is accused of using a botnet to hack into more than 19 million devices across almost 200 countries. 

A court-authorised international law enforcement operation led by the US Justice Department disrupted a botnet used to commit cyber attacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations. The US has arrested a 35-year-old Chinese national YunHe Wang and seized assets including an expensive sports car, luxury watches and 21 properties. The Chinese man, YunHe Wang, is accused of helping assemble a vast network of infected computers, known as a botnet, that was used to carry out bomb threats, send child exploitation materials online and conduct financial fraud, amongst other schemes. The DoJ said Mr Wang is accused of using a botnet to hack into more than 19 million devices across almost 200 countries. 

Cyber criminals used the botnet to submit tens of thousands of fraudulent applications for US federal relief  during  the Covid pandemic, costing an estimated $20 million.

Meanwhile, Europol has made four arrests they also said that 8 criminals are now on the run and they will be added to European police forces' "most wanted" list. Cyber criminals use so-called botnets to take over peoples' computers and install malicious software. This software can then be used to collect data from a computer, send spam or even delete person data without the owner's knowledge. 

Nicole Argentieri, principal deputy assistant attorney general at the DOJ commented "Wang created malware that compromised millions of residential computers around the world and then sold access to the infected computers to cyber criminals." She said criminals used this access to conceal their identity and "anonymously commit a wide array of offenses". These include fraud, child exploitation and harassment, and bomb threats. 

It is estimated that more than 500,000 fraudulent unemployment insurance claims were sent from computers under his control, resulting in a loss of more than $5.9bn (£4.6bn). 

The DOJ accused Mr Wang of using the proceeds to buy $60m worth of luxury assets, and said it had seized a Ferrari, a Rolls-Royce, two BMWs and several watches, as well as bank accounts and crypto-currency wallets. He also bought property in the US, St Kitts and Nevis, China, Singapore, Thailand and the United Arab Emirates, it said. Mr Wang has been charged with conspiracy to commit computer fraud, substantive computer fraud, conspiracy to commit wire fraud and conspiracy to commit money laundering.  If convicted on all counts, he faces a maximum penalty of 65 years in prison. 

Europol said it had arrested the ringleaders of several cybercrime networks that used botnets. It has made arrests in Armenia and Ukraine and taken down servers across the world including in the UK, the US and Germany. More than 2,000 websites are now controlled of European law enforcement agencies.

Europol said one of the main suspects had made more than €69 million (£58m) in crypto-currency using ransomware, installing software that makes it impossible for a person to access their computer unless they pay a fee.  The malicious software got on peoples' devices mainly through through phishing attempts - such as the kind of emails people are advised not to click on - and compromised websites.  

Europol said the investigate, named Operation Endgame, is ongoing and it has plans for future arrests with further police action are to  be announced. 

DoJ   |   Europol |   BBC   |   CNN   |    AU.News   |    AoL   |    ABC  

Image: Europol

You Might Also Read: 

LockBit Resurrection:

DIRECTORY OF SUPPLIERS - Fraud Detection & Prevention:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Telecoms - Beware Of The DDoS Threat Actor
Email Encryption: What It Is & How It Works »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

authen2cate

authen2cate

Authen2cate offers a simple way to provide application access with our Identity and Access Management (IAM) solutions for enterprise, small business, and individual customers alike.

The Josef Group (TJG)

The Josef Group (TJG)

The Josef Group Inc. is a certified woman-owned permanent staffing agency specializing in Information Technology, Engineering, and US Government "cleared" IT candidates.

ComSec LLC

ComSec LLC

ComSec perform threat assessments to identify vulnerabilities and help protect businesses against corporate espionage via electronic eavesdropping.

Israel National Cyber Directorate (INCD)

Israel National Cyber Directorate (INCD)

The Israel National Cyber Directorate is the national security and technological agency responsible for defending Israel’s national cyberspace and for establishing and advancing Israel’s cyber power.

Digital Guardian

Digital Guardian

Digital Guardian is a next generation data protection platform designed to stop data theft.

Mission Secure (MSi)

Mission Secure (MSi)

MSi is a specialized provider of next generation cyber defense solutions protecting control systems and critical physical assets in energy, transportation and defense.

Georgia Cyber Center

Georgia Cyber Center

Georgia Cyber Center is dedicated to training the next generation of professionals through education and real-world practice while also supporting innovation in new technologies for online defenses.

Slovenska Akreditacija (SA)

Slovenska Akreditacija (SA)

Slovenska Akreditacija is the national accreditation body for Slovenia. The directory of members provides details of organisations offering certification services for ISO 27001.

BullGuard

BullGuard

BullGuard is an award-winning cybersecurity company focused on providing the consumer and small business markets with the confidence to use the internet in absolute safety.

ByteSnipers

ByteSnipers

ByteSnipers specialize in penetration testings and secure development services. Our focus is on your security.

Kirk ISS

Kirk ISS

Kirk ISS are the leading provider of IT services in the Cayman Islands. We offer best-in class hardware, software, communications and cloud computing, all backed by professional services support.

NormCyber

NormCyber

NormCyber provide award-winning cyber security and data protection as a service for midsize organisations.

Positiwise Software Pvt Ltd

Positiwise Software Pvt Ltd

Positiwise Software offers end-to-end software development solutions to accelerate the digital growth of businesses.

Alset Technologies

Alset Technologies

Alset Technologies provides DASH - a comprehensive solution to DISA STIG (Security Technical Implementation Guide) compliance.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

Upwind Security

Upwind Security

Upwind delivers comprehensive cloud security, precisely when and where it’s most critical.