Security News > 2024 > May > US govt sanctions cybercrime gang behind massive 911 S5 botnet

US govt sanctions cybercrime gang behind massive 911 S5 botnet
2024-05-28 19:02

The U.S. Treasury Department has sanctioned a cybercrime network comprising three Chinese nationals and three Thailand-based companies linked to a massive botnet controlling a residential proxy service known as "911 S5.".

Researchers at the Canadian University of Sherbrooke revealed almost two years ago, in June 2022, that this illegitimate residential proxy service lured potential victims by offering free VPN services to install malware designed to add their IP addresses to the 911 S5 botnet.

At the time, the botnet controlled approximately 120,000 residential proxy nodes from all over the world, all of which communicated with multiple command-and-control servers located offshore or hosted within a cloud server.

"The 911 S5 botnet was a malicious service that compromised victim computers and allowed cybercriminals to proxy their internet connections through these compromised computers," said the Office of Foreign Assets Control on Tuesday.

"Once a cybercriminal had disguised their digital tracks through the 911 S5 botnet, their cybercrimes appeared to trace back to the victim's computer instead of their own."

US govt sanctions Iranians linked to government cyberattacks.


News URL

https://www.bleepingcomputer.com/news/security/us-govt-sanctions-cybercrime-gang-behind-massive-911-s5-proxy-botnet-linked-to-illegitimate-residential-proxy-service/