Just by offering a useful (and usually expensive) service for free, hackers have been able to ensnare millions of victims
Recently, the Federal Bureau of Investigation (FBI) announced the arrest of a 35-year-old Chinese national in Singapore for allegedly operating one of the world’s largest botnets by distributing a rigged virtual private network (VPN) service for free online.
The botnet, known as 911 S5, compromised millions of computers worldwide, turning them into “zombie” machines that were apparently implicated in various cybercrimes including financial fraud, identity theft, and child exploitation.
Wang and his associates had distributed malware through VPN applications such as MaskVPN and DewVPN. These VPNs were rigged with proxy backdoors that allowed Wang to gain control over the infected devices and use them as part of the 911 S5 proxy service. Wang also sold access to these devices to other cybercriminals. This enabled them to disguise their locations and conduct illegal activities anonymously.
The 911 S5 botnet was particularly prolific, infecting millions of devices and generating around 19m unique IP addresses for subsequent use in fraudulent unemployment insurance claims, as well as Economic Injury Disaster Loan applications in the USA during the COVID-19 pandemic.
Cyber lessons from the incident
We can definitely learn some important lessons from the way Wang and his gang operated the scam.
Their business model was to offer a usable and useful privacy tool to bait a large user base, and then leverage the unauthorized access to the user devices to run a botnet for revenue-generating cybercriminal activities.
Other key findings include:
- Avoid VPNs and other powerful software offered for free: Free VPN services often come with hidden costs. In this case, several free VPN applications were used to distribute malware. It is crucial to research and choose reputable VPN providers that offer transparency about their security practices and data handling policies. Similarly, other free software that has access to your smart device’s sensitive data, even software offered in the official app stores, must be treated as potentially hazardous or insidious until proven otherwise.
- Trust no app: Free or otherwise, any app installed on a smart device could act normally upon installation, but host trojan features that pop up much later when you least expect it. Even fully legitimate, widely-used software can be turned into a global cyber threat if hackers find a zero-day vulnerability in it. Therefore, follow the best practices for internet security and device security at all times.
- Check reviews and ratings: Before downloading any “free” software, check its reviews and ratings from reliable sources. Look for feedback regarding security issues and any past incidents of malware distribution. Note: hackers are fully capable of planting fake testimonials, so do your homework carefully: seek out authoritative reviews whose veracity can be verified in some way online.
- Understand device permissions and cyber hygiene: Be wary of the permissions requested by VPN and other free applications. If an app asks for excessive or unnecessary permissions, it could be a red flag. As for cyber hygiene, follow best practices for setting and maintaining complex, unique passwords, backing up personal data regularly, limiting the publishing of personal information on social media, and avoiding free public Wi-Fi and all kinds of juicy-sounding clickbait articles online.
- Use antivirus software: Ensure you have reputable cybersecurity software installed, and keep it updated and always “listening” for suspicious app activity. This can help detect and prevent malware infections from malicious software that has somehow managed to sneak into the device.
Finally, the most important tip of all: tips are only useful when people apply them conscientiously and stay informed about new scam tactics designed to circumvent them.
Therefore, remember to keep abreast of cybersecurity news, such as by subscribing to CybersecAsia’s newsletter and perusing the website’s features and tips regularly. Spread your knowledge around to keep others safe, because you may one day rely on their cyber safety to be safe yourself. Awareness can help you and everyone around you to make better decisions regarding the software you choose to install, and how to put the apps on tight reins to do only what they are supposed to do.