Hackers use financial website vulnerabilities to charge 1 yuan for 200 thousand, resulting in 18 million loss of websites.

category:Global
 Hackers use financial website vulnerabilities to charge 1 yuan for 200 thousand, resulting in 18 million loss of websites.


After that, the loopholes were disclosed to the public, resulting in a 2 mad marketing website being 18 million. Registration of a large number of new users within 2 hours It has to be told in the afternoon of September 14, 2017. At that time, a company in Shandong told the police that they had broken their website, and the companys money in the third party payment company was transferred to more than 1800 yuan. This is an investment company. They are attacked by their financial website. In May 2, 2018, Gu Wei, a police brigade of the public security network, told reporters: after the successful registration of the financial website, the users can invest and cash on the Internet, and the transfer of their funds is carried out through the accounts of the third party payment companies. In order to maintain normal daily operation, the investment company will maintain 30 million yuan in the third party payment companys account. But the police survey found that from 12 oclock in September 14, 2017 to 2 p.m. in just two hours, a large number of new users were registered with the financial website, and a large amount of funds in the accounts of the third parties were removed and raised by these new users. After the case, the police set up a special case group and divided the army into two routes: one way to the Public Security Bureau of Shandong and the Jinan Public Security Bureau anti fraud center, through the detection platform of the telecom fraud case, the 16 abnormal transfer funds were paid to more than 400 yuan RMB. The other way to Shanghai, Xiamen and other places to collect relevant data, Shanghai It is the location of the third party payment company, and the company that maintains the operation of the financial website is in Xiamen. Finally, through the comparative analysis of these accounts, the police obtained clues and successfully locked the first suspect, Huang Di, who attacked the financial website of a company in Shandong. 80 thousand yuan to sell loopholes, also announced in the QQ space Huang Di is 28 years old, from Boluo, Guangdong. Police Gu Wei said. Prior to that, Huang Di had been dealt with by the local police for illegal intrusion into the computer system. Originally, Huang Di, who had no proper career, stroll around the Internet all day, and tried to make money by using his computer technology. By chance, he found that there was a loophole in the third party payment jump of a companys financial website in Shandong. So Huang Dixian registered at the financial website and recharged 1 yuan, robbing data packets and tampering with data with some software. After modifying the data, although he actually recharged 1 yuan, the system thought he had 200 thousand yuan in his account. Police Gu Wei said that Huang Dis cash offer is 200 thousand, not 300 thousand or more, because the maximum amount of system withdrawals is 200 thousand yuan. After his success, Huang Di, who had a previous record, was very cunning: he sold the loophole to another hacker at a price of more than 80 thousand yuan, and then made public in his QQ space, causing the vulnerability to be widely used by other hackers. The most hacker has transferred 2 million 600 thousand yuan from the pool of funds. Police said that the purpose of Huang Dis move was to confuse the public and interfere with the polices investigation line so that they could escape. It is worth mentioning that second days after police arrested Huang Di, another hacker, Xie, was conscious of something bad. He also called Huang Dis telephone for trial. When the police answered the phone, they told the interest of Xies incident and made it clear and sensible. Soon, Xie was forced to surrender himself to the police station under pressure. 18 suspects were caught in the net and frozen to nearly ten million yuan In May 2nd, the police have learned from the police: as of now, the police have captured 18 suspects, including 9 criminal detention, 2 bail pending trial, 15 computers involved in the case, 27 mobile phones, 46 bank cards, 9 million 870 thousand frozen and recovered funds involved in the case, which knocked out the oversize network of the Ministry of public security supervision and the destruction of computer information in 22 provinces in the country. Burglary gang. These are the whole set of information they paid for. Police introduction: a complete set of identity information including ID card, telephone card and five corresponding bank cards; one bank card or U shield is used to operate on the Internet. Some people in remote areas feel that ID card is useless, and it is sold to others for 200 yuan. The recipients will use these ID cards to process telephone cards and bank cards, and then sell them at a high price of 1000 yuan. And some financial websites in the user registration, only pay attention to the consistency of personal information, but can not authenticate whether I am in the registration, operation, this also gives the illegal elements to the opportunity. The police told reporters that the virtual nature of the Internet has led some people to do evil in the virtual world under the temptation of high profits. At the same time, the police will further improve the ability to combat network crime, change the passive to the initiative, play Gang, hit the source, increase the strength and depth of the attack, and also remind the general public: carefully screening all kinds of websites, software and false, do not provide personal information.