US Sanctions Chinese Nationals and Thai Entities for Cyber Fraud Botnet

US Sanctions Chinese Nationals and Thai Entities for Cyber Fraud Botnet
US Sanctions Chinese Nationals and Thai Entities for Cyber Fraud Botnet
US Sanctions Chinese Nationals and Thai Entities for Cyber Fraud Botnet
US Sanctions Chinese Nationals and Thai Entities for Cyber Fraud Botnet

US Sanctions Chinese Nationals and Thai Entities for Cyber Fraud Botnet

US Sanctions Chinese Nationals and Thai Entities for Cyber Fraud Botnet

US Sanctions Chinese Nationals and Thai Entities for Cyber Fraud Botnet

Key Highlights:

  1. Three Chinese nationals and three Thai entities sanctioned for cyber fraud.
  2. The 911 S5 botnet compromised 19 million IP addresses, aiding COVID aid fraud.
  3. US Treasury Department coordinated with FBI, DCIS, and international partners.

Washington [US], May 29 : The US Treasury Department has sanctioned three Chinese nationals and three Thailand-based entities for their association with a malicious botnet that facilitated cyber fraud, resulting in billions of dollars in losses to the US government. This botnet also contributed to bomb threats and fraudulent applications for COVID-19 aid.

The 911 S5 botnet compromised around 19 million IP addresses, enabling its users to submit tens of thousands of fraudulent applications related to the Coronavirus Aid, Relief, and Economic Security Act programs. This botnet allowed users to commit widespread cyber-enabled fraud by exploiting compromised victim computers linked to residential IP addresses. Additionally, these compromised IP addresses were associated with a series of bomb threats in the US in July 2022.

The Federal Bureau of Investigation (FBI), Defence Criminal Investigative Service (DCIS), and the US Department of Commerce’s Office of Export Enforcement, along with partners in Singapore and Thailand, collaborated to sanction the involved individuals and entities.

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated Yunhe Wang, Jingping Liu, and Yanni Zheng for their involvement with the botnet. OFAC also sanctioned three entities—Spicy Code Company Limited, Tulip Biz Pattaya Group Company Limited, and Lily Suites Company Limited—owned or controlled by Yunhe Wang. Under Secretary Brian E. Nelson stated that these individuals used their botnet technology to enable cybercriminals to fraudulently obtain economic assistance and terrorize US citizens with bomb threats.

As a result of these sanctions, all property and interests in property of the designated individuals and entities within the US or under US control must be blocked and reported to OFAC. US regulations generally prohibit all dealings by US persons or within the US that involve any property or interests in property of a blocked or designated entity.

In a related action in March, the Treasury Department, in collaboration with the US Department of Justice, FBI, Department of State, and the UK Foreign, Commonwealth & Development Office (FCDO), targeted actors linked to the Chinese state-sponsored APT 31 hacking group. OFAC sanctioned Wuhan Xiaoruizhi Science and Technology Company, Limited (Wuhan XRZ), a front company for the Chinese Ministry of State Security (MSS), along with Zhao Guangzong and Ni Gaobin for their roles in malicious cyber operations targeting US critical infrastructure sectors.

(Inputs from

Facebook
Twitter
LinkedIn
Telegram
WhatsApp
Email
Note: You have to fill-up above all respective field, then click below button for send your message