Massive Botnet Dismantled and Administrator Arrested in 911 S5 Case, FBI Reports
The FBI dismantled the 911 S5 botnet, infecting over 19 million IPs. Administrator YunHe Wang, facing up to 65 years, earned $99 million from malware and proxy services. Authorities seized 23 domains and 70 servers.
The FBI, in collaboration with international partners, has successfully dismantled a major botnet that infected over 19 million IP addresses across 200 countries, concealing various cybercrimes for years.
The alleged mastermind of the 911 S5 botnet, an individual known as YunHe Wang, a Chinese national, was arrested on 24 May and could face up to 65 years in jail, according to the DOJ.
They also flagged Wang and several associates, and three Thai companies, for their role in the botnet.
Starting in 2014, Wang is accused of using his own malware to hack into more than 600,000 Windows operating systems around the world, including 600,000 different IP addresses in the United States alone.
Prosecutors claim he was paid around $99 million by subscribers for use of the residential proxy service, which would let end users ‘browse the internet using the IP address of a computer owned by an innocent person’ in an effort to hide their own activity.
Wang is charged with counts of computer fraud, wire fraud, and money laundering.
“This Justice Department-led operation was comprised of law enforcement partners around the globe that disabled 911 S5, a botnet that aided cyber‑attacks, wholesale fraud, child exploitation, harassment, bomb threats and export violations,” Attorney General Merrick B Garland said.
The company’s prosecutors later reported that the service had defrauded the government of $5.9 billion in relief funds from federal pandemic programmes.
According to court documents, Wang allegedly spread his malware through VPN programmes (such as MaskVPN and DewVPN, which he also ran as a torrent distribution model), as well as through pay-per-install services (which bundled his malware content into separate program files, including pirated versions of licensed software or material protected by copyright).
Wang hosted and leveraged approximately 150 dedicated servers worldwide (of which he leased a maximum of 76 from online service providers in the United States) to deploy and manage the applications, command and control the infected devices, operate his 911 S5 service and offer paying customers use of proxied IP addresses from the infected devices.
Authorities raided the present incarnation of a now-defunct residential proxy service that shuttered in August 2022, seizing 23 domains and more than 70 servers.
These servers acted as the ‘backbone’ of the former initiative and the current one, the DOJ said.
‘The seizure of numerous domains associated with the historic 911 S5, in addition to several new domains and services associated with a recreation of the service, has stopped Wang’s attempts to further abuse his victims through a reconstituted service called Cloudrouter.io and closed the open backdoors he exploited when he was shut down earlier,’ the DOJ said.
Investigators say Wang used money from that service to buy properties in the US, China, Singapore, Thailand, the United Arab Emirates and St Kitts and Nevis, where he is a citizen.
Among the luxury cars scheduled to be seized are a Ferrari F8, several BMWs and a Rolls Royce. His 21 properties are also in jeopardy.
The investigation into 911 S5 surfaced due to an investigation into more than 2,000 orders made with stolen credit cards by fraudsters operating on ShopMyExchange, an e-commerce site affiliated with the Army and Air Force Exchange Service.
The Ghanaian and US-based fraudsters apparently obtained IP addresses from 911 S5.
The FBI and DOJ have taken down several botnets this year linked to nation-state hacking operations.
In January, they announced the dismantling of a botnet of infected home routers, part of the China-linked APT group Volt Typhoon, and, in February, the dismantling of a version of this botnet network, this time used by Russia’s GRU-linked APT28 group.