Sunday, September 8, 2024
HomeCyber CrimeBank Software Cheif Jailed For Finding a Way to withdraw $1M Free...

Bank Software Cheif Jailed For Finding a Way to withdraw $1M Free Cash From ATM

Published on

Qin Qisheng, 43, a senior programmer has been jailed for 10 and a half years for developing a way to withdraw more than US$1 million through ATMs as free cash.

Qin was a former technology department manager in China based Huaxia Banks. He spotted a hole in the bank core operating system allows unrecorded cash withdrawals during midnight.

The flaw was discovered by Qin back in 2016 and in the same year November he added some additional scripts which allow him to test the vulnerability without triggering alerts.

- Advertisement - EHA

He managed to withdraw between 5,000 yuan and 20,000 yuan in years from bank dummy account used for testing and January 2018 he had amassed over seven million yuan which is equal to million US dollars without reporting to his superiors, reported by South China Morning Post.

Qin deposited the money to his own bank account and invested some in the stock market, the problem is that the system was designed without considering night trading.

The Bank accepted Qin explanation of testing the system for loopholes, but authorities denied it and he was jailed of theft and sentenced him 10 and half years in jail with a fine of 11,000 yuan.

“The bank said that the accused’s behavior was in violation of the rules. On the other hand, he said that he could conduct relevant tests. This is self-contradictory.”

“This irregular activity in the dummy account was detected and verified during a manual check at a subsidiary branch in Cangzhou, Hebei in January last year and the bank reported the incident to relevant authorities.”

Huaxia Bank bank asked authorities to drop the case as Qin recovered all the money, but the authorities denied saying the request was not accepted as “legitimate” by law enforcement, and therefore Qin must serve his sentence.

Last December a new tool called KoffeyMaker cybercriminals to steal money from ATM by connecting a laptop with the ATM machine cash dispenser.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Vulnerabilities in IBM Products Let Attackers Exploit & Launch DOS Attack

IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and...

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Vulnerabilities in IBM Products Let Attackers Exploit & Launch DOS Attack

IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and...

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...