On January 21, Pingduo reissued a statement saying that BLACK-GREY gangs stole tens of millions of yuan of platform coupons through system loopholes. At present, Shanghai police have filed a case for network fraud and set up a special group. According to the relevant provisions of property preservation, the orders involved are frozen in batches.
According to Nandus previous reports, since the early morning of January 20, Pingduo has been exploded with major system vulnerabilities, and registered users of the platform can get 100 yuan threshold-free coupons many times by scanning two-dimensional codes. After the discovery of a full-time Wool Party, it began to spread on many social platforms, and a large number of users received this coupon for consumption on the platform. Some netizens put out pictures on the social platform, saying that they received thousands of 100 yuan no-threshold vouchers one night, and could charge 100 yuan for a phone bill for only 46 cents. Some people did not sleep at night and filled 30,000 oil cards. Some netizens also said that they recharged hundreds of thousands of Q coins with no-threshold coupons.
Some netizens said they recharged hundreds of thousands of Q coins with no-threshold coupons.
The voucher storm lasted until about 9 a.m. on the 20th. Subsequently, a number of netizens reflected that 100 yuan coupon has been unable to get and the coupon already received can not be used. Pingduo later issued a statement, saying that the system BUG is a black-and-grey gangs through an expired coupon loophole to steal tens of millions of Yuan platform coupons, the platform will track the orders involved.
In the afternoon of the same day, Nandu reporters consulted more customer service on the issue of the coupon can not be used. The customer service said that the coupon has been automatically withdrawn. Subsequently, a number of netizens reported that the products purchased with this coupon had been forced refund processed by the platform, the purchase of physical orders was delayed delivery, the Q-coin account with the coupon recharge was frozen, resulting in the Q-coin purchased without the coupon was frozen.
On the afternoon of January 20, Pingduo official customer service responded to the platform coupon incident.
For the Q coins frozen by ordinary users and the products that have been purchased encounter compulsory refunds from the platform, Pingduo has not yet given a response. Since then, some netizens have published news that using coupons to recharge telephone charges, some users have received short messages from operators saying that illegal channel recharge, telephone charges are fully recovered. Quitou refutes the rumor and lists a number of messages that are also rumors.
In the afternoon of Jan. 20, in response to the problem of more than 20 billion people were killed in online communication, more than 20 million people were killed in the rumor statement issued by more than one person.
A spokesman for Pindo made a statement in the Wechat Friendship Circle.
As Pingduo announced on the 20th, the platform vulnerability is due to BLACK-GREY gangs through an expired coupon loophole to steal tens of millions of yuan of platform coupons. So, how does this group steal coupons, and how can ordinary users get coupons? Pingduo Coupon Storm lasted for more than 9 hours. Bulk coupons were collected and consumed. Does Pingduo have a perfect wind control system that can monitor the abnormal data of the platform at the first time? Are there any problems with the platform air control system?
Around the above focus, Nandu reporters have done a comb.
Focus 1: How do gangs steal coupons in batches and how do ordinary users get them?
The problem of network black and grey production has a long history. Last August, Nandu University Data Research Institute released the Research Report on the Control of Black-and-Gray Production on the Internet. Black-and-gray production has already reached the scale of 100 billion yuan. Behind it, a platform, specialization, refinement, independence and close cooperation industry chain has been formed.
In its latest statement, Pingduo said that the coupons in the incident were obtained by the BLACK-GREY gangs after scanned the two-dimensional codes generated by abnormal ways, which were mostly distributed to the relevant BLACK-GREY groups. Through the two-dimensional code generated by this abnormal way, users of each authentication information can only get a 100 yuan coupon without threshold, instead of a single ID circulated before, they can get unlimited.
Pingduo said that BLACK-GREY gangs tried to transfer improper earnings quickly in a short time by illegal means such as cat pool (using mobile phone cards to keep a large number of virtual accounts) to realize the simultaneous operation of N mobile phone black cards, steal the coupons in batches, and through virtual recharge such as mobile phone charges and Q coins.
The coupons stolen by coupon loopholes used by BLACK-GREY gangs are mostly customized coupons used by previous TV programs (Jiangsu Satellite TV If You Are the One), which are only used by guests on the spot of program recording. In addition, this type of coupon has never appeared at any time, in any way in the normal online promotion activities of the platform, or even no online entrance.
The head of Pingduo Wind Control Team said that after stealing huge coupons and transferring their improper earnings, the BLACK-GREY gangs hoped to achieve the effect of not blaming the public for the law, quickly share the two-dimensional code through the network and social groups, and induce some ordinary consumers to follow the wind and sweep the code in order to achieve the result of evading criminal responsibility and confusing audiences.
Focus 2: Coupon collection and use lasts several hours. Is the platform wind control detected in the first time?
Nandu had previously reported that the storm began in the early morning of January 20 and lasted until about 9 a.m. that day. In nearly nine hours, bulk coupons were collected and consumed. So, does Pingduo have a perfect wind control system, which can monitor the abnormal data of the platform at the first time?
After the incident, some security experts pointed out that the platform will set a threshold for the coupons, combined with the landing IP, accounts, etc., in order to avoid the wool party using virtual equipment batch thin wool. The Pingduo event does not involve virtual devices, and a large number of users use conventional devices to collect and complete transactions. The direct reason may be the lack of platforms wind control system and inadequate capacity.
In the latest statement, Pingduo said that the incident happened at the time of Pingduos New Years Festival, during which a large number of coupons normally issued by the platform were consumed. By 9:00 a.m. on January 20, the sum of stolen coupons and normal coupons broke through the preset threshold of the platform. After the system monitored the anomaly and automatically alarmed, Pingduo fixed the related loopholes in the first time.
Focus 3: The total amount of coupons involved is tens of millions. Who should bear the loss? Orders are frozen in batches. How can users protect their rights?
Previously, there were rumors outside that the overnight turnover of Pingduo reached 33.8 billion yuan, of which 26.3 billion were telephone charges. In this regard, Pingduo spokesman well said that the platform involved coupons without outside rumors of 20 billion, the police can eventually recover a lot, the actual loss rate is less than 10 million.
Until the afternoon of the 20th, unused coupons have been automatically recycled by the platform. Previously, the products purchased with this coupon have been compulsory refund processed by the platform, and the account of Q coins recharged with coupons has been frozen, which has resulted in the freezing of Q coins purchased without coupons before. There are many businesses involved in Pingduo said that the platform system loopholes belong to the lack of supervision. Users receive coupons to place orders in stores and are forced to refund, but the merchants paid the freight, the platform believes that stores violate the rules and punish stores.
Who should bear the loss of business and ordinary users? Pindo hasnt responded yet.
In a statement issued on January 21 by Todo, the police currently freeze the orders in batches in accordance with the relevant provisions of property preservation. The use of coupons that platform consumers normally receive will not be affected. For the ordinary consumers who are trapped, the platform will not be further accountable, but mostly does not support such abnormal behavior.
Pingduo said that the incident was essentially different from a series of capital loss incidents caused by bugs in previous airlines and e-commerce platforms. The former was a civil problem caused by platform misoperation and abnormal issuance. The Pingduo coupon incident was a network fraud case of coupon fraud.
Focus 4: Will the users involved be prosecuted and what kind of punishment will the gangs face?
According to the latest information released by Pingduo, Pingduo reported the incident to the public security organs quickly. At present, Shanghai police have filed a case for network fraud and set up a special team. The platform is cooperating with the police to trace the origin of the related orders, and ultimately according to the investigation results of the police to deal with the relevant orders in accordance with the law. Due to the huge amount of money involved, the public security organs are expected to investigate the criminal responsibility of the black-and-grey production groups suspected of fraudulent securities and seeking huge improper interests.
Zhu Wei, deputy director of the Communication Law Research Center of China University of Political Science and Law, said that there are several types of legal liability for the occurrence of BUG in Pingduo: first, if the occurrence of BUG involves computer system damage, it belongs to the crime of destroying computer information system in the Criminal Law, and the circumstances are particularly serious, facing more than five yearsimprisonment; second, if it does not involve system damage, it is only exploiting loopholes, which is serious. If the crime of theft and infringement of intellectual property rights is involved in practice, if it is not serious, the securities obtained are unjust enrichment and should be returned. Zhu Wei said that in addition to his own brushing, the dissemination of such information may involve accomplices of the above-mentioned offences, but also constitute a crime of Imparting Criminal Methods alone, or constitute administrative penalties for disrupting market order; a small number of brushes generally do not constitute a crime, and the proceeds belong to unjust enrichment, which should be returned in time. However, if the facts are returned after publication, such acts constitute theft. Source: Zhao Yaping_NN9005, Responsible Editor of Southern Metropolitan Daily
Zhu Wei, deputy director of the Communication Law Research Center of China University of Political Science and Law, said that there are several types of legal liability for the occurrence of BUG in Pingduo: first, if the occurrence of BUG involves computer system damage, it belongs to the crime of destroying computer information system in the Criminal Law, and the circumstances are particularly serious, facing more than five yearsimprisonment; second, if it does not involve system damage, it is only exploiting loopholes, which is serious. If the crime of theft and infringement of intellectual property rights is involved in practice, if it is not serious, the securities obtained are unjust enrichment and should be returned.
Zhu Wei said that in addition to his own brushing, the dissemination of such information may involve accomplices of the above-mentioned offences, but also constitute a crime of Imparting Criminal Methods alone, or constitute administrative penalties for disrupting market order; a small number of brushes generally do not constitute a crime, and the proceeds belong to unjust enrichment, which should be returned in time. However, if the facts are returned after publication, such acts constitute theft.