The U.S. Department of Justice and international partners have dismantled the 911 S5 proxy botnet and arrested its administrator, 35-year-old Chinese citizen Yunhe Wang, in Singapore, Bleeping Computer reports.

“Working with our international partners, the FBI conducted a joint, sequenced cyber operation to dismantle the 911 S5 Botnet—likely the world’s largest botnet ever,” said FBI Director Christopher Wray.

Back in 2011, Yunhe Wang and his accomplices downloaded malware onto victims’ devices using several malicious VPN applications. The VPN programs that added compromised devices to the 911 S5 home proxy service included MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN.

The FBI provides detailed information on how to determine if you are a victim of 911 S5 malware.

Between 2014 and July 2022, the attackers created a network of millions of Windows home computers around the world, linked to more than 19 million unique IP addresses.

“Wang [..] managed and controlled approximately 150 dedicated servers worldwide, approximately 76 of which he leased from U.S. based online service providers,” the Justice Department said.

In June 2022, researchers from Sherbrooke University found that 911 S5 operators lured potential victims by offering free VPN services.

The U.S. Department of Justice has now sent arrest warrants to registrars and registrants to seize domains used by the criminal network.

Wang earned about $99 million by selling access to proxy servers to cybercriminals. The criminals used the compromised devices’ Internet connections for a wide range of crimes, including cyberattacks, bomb threats, child exploitation, large-scale fraud, harassment, and export violations.

They also used proxy servers to submit 560,000 fraudulent unemployment claims and more than 47,000 applications for Emergency Individual Disaster Loans (EIDLs), resulting in the theft of billions of dollars from financial institutions, credit card issuers, and federal lending programs.

The US Treasury Department imposed sanctions against Yunhe Wang, Jingping Liu (a money launderer), Yanni Zheng (acting on behalf of Yunhe Wang) and three companies (Spicy Code Company Limited, Tulip Biz Pattaya Group Company Limited and Lily Suites Company Limited) that were either owned or controlled by Wang.