Criminals can use "cloud programs" to make user accounts "puppets"
Beware of "WeChat Clean Fans" stealing account funds
Many people have received "recommendations" from friends on their mobile phones: "I'm using the WeChat fan cleaning software, which is very easy to use. Come and scan the code and try it together." Some people are looking for a special fan cleaning software. "Cleaning up WeChat" for myself, I don't know that my personal information has been leaked before I know it, and it has become a tool for others to make money.
A reporter from the Beijing Youth Daily learned on October 29 that the Shanghai police cracked such a major case recently, and criminals used "cleaning fans" to make a profit of more than 8 million yuan.
WeChat "Clean Fan" scans the phone
Personal information stolen
Not long ago, Miss Zheng wanted to "clean up fans" for her circle of friends, so she found a store called "Little Sparrow Cleaner Assistant" on the Internet.
She paid 5 yuan for the service fee according to the prompts, scanned the QR code provided by the "Clean Fan Assistant", and the mobile phone was "scanned" in depth to obtain a "physical examination report."
After a series of operations, Ms. Zheng did receive a "Physical Examination Report" from WeChat. In addition to showing the number of detected friends, she will also block her friends' business cards one by one.
What Ms. Zheng didn't know was that when she started "scanning", her information and data had been synchronized and transmitted to the server of the criminal gang.
Like Ms. Zheng, almost all the victim users did not know that their information had been stolen, so that no one reported the case to the public security organs until the incident occurred.
Under the guidance of the Shanghai Municipal Bureau's Internet Security Corps, the Minhang Branch of the Shanghai Municipal Public Security Bureau immediately launched an investigation and evidence collection, and a criminal gang gradually emerged.
The police successively launched net-recovery operations in Shanghai, Sichuan, Zhejiang, and Hunan, and arrested 4 criminal suspects.
It is reported that at the beginning of the development of the program, the suspect Wang and four other people made it clear that the application has the function of stealing citizen information.
The user will not find this "hidden" function during use.
Criminal gangs use stolen citizen information to provide customers with a large number of paid "swipe orders", "likes" and network traffic services required by customers.
In addition, on the basis of software research and development, criminal gangs have widely recruited online agents, and more than 300 agent online shops have participated in the "sale" of this application.
As of the incident, the police had obtained more than 8 million yuan in illegal profits through 14 months of operation and maintenance of the above-mentioned criminal gangs by checking the running records.
Currently, Zhou Moumou has been criminally detained by Minhang police in accordance with law, and Duan Moumou and others have been arrested by Minhang Procuratorate on suspicion of infringing on citizens’ personal information. The case is under further trial.
Illegal access to group chat QR code
Black production gangs eye on "change balance"
In fact, this is not the first time that the police have uncovered a case of stealing users' personal information in the name of "WeChat Clean Fans".
At the beginning of May 2020, Cangnan, Wenzhou, locked a criminal gang specializing in the development and production of "fan cleaning software". The gang produced and sold more than 20 types of "fan cleaning software".
On September 17, 2020, in a WeChat "cleaning fan" case cracked in Nantong City, Jiangsu Province, criminals used the "cleaning fan" software to illegally obtain computer information system data, and finally 5 criminal suspects were arrested.
According to police disclosures, in just three months, the criminal gang illegally obtained more than 20 million WeChat group chat QR codes from users under the name of "cleaning up zombie fans," resulting in an illegal profit of more than 2 million yuan and more than 1,500 related cases. Involving more than 20 provinces and cities.
A reporter from the Beijing Youth Daily synthesized many cases and feedback from netizens, and found that "WeChat clearing fans" is much more than just "helping others make money."
A netizen who has used this type of WeChat fan cleaning software said that he just scanned a QR code. After a while, a friend called him and asked if the WeChat was poisoned. All the posts in the circle of friends were rubbish. Advertisements, and also send similar advertisements to all friends in WeChat.
This type of WeChat fan-cleaning link and QR code will not only post advertisements, but may also embezzle the user's personal account information.
After logging into the victim’s WeChat account, the criminals will steal the WeChat “invite into group chat” QR codes in batches through technical means, save these group chat QR codes in the form of pictures on the server, and then resell them to downstream users. Criminal groups such as fraud and gambling make profits.
There are even black production gangs for profit, eyeing the victim’s "change balance", using technical means to crack the payment password, and then recharge through some online game recharge sites to "realize", taking the opportunity to steal the victim's property.
Police reminder: Don’t click easily
Unknown link and QR code
Li Ningbin, a policeman from the Police Support Detachment of Beijing Tongzhou Public Security Bureau, who has many years of experience in countering electronic fraud, introduced in an interview with a reporter from Beijing Youth Daily. Qingfen.
The first method: implanting Trojan horse virus to obtain citizens' personal information.
Let the clean fan app downloaded by the victim carry the Trojan horse virus, which can obtain information such as text messages, address book, call history, instant messaging tool contacts, and chat history of the mobile phone.
The second method: website phishing to obtain citizens' personal information.
By inducing the victim to operate on the so-called clean fan website, illegally obtain the victim's instant messaging tool account, login password, SMS verification code, contact and chat history and other information.
The third way: remotely log in to obtain citizens' personal information.
Through the instant messaging tool account provided by the victim, initiate a remote remote login operation, and illegally obtain information such as the contact person and chat history of the victim's instant messaging tool after authorization.
When cleaning up black fans, the parties surrendered control of WeChat to others, and personal data and private information were easily stolen.
In addition, almost all WeChat are tied to bank cards, and the funds paid by WeChat may also be stolen by others.
Criminals can also use "cloud programs" to turn users' WeChat accounts into "puppets". Without the user's knowledge, they can follow a large number of WeChat official accounts, like, forward, and bookmark.
The police reminded you not to trust the so-called "fan cleaning" service, and do not click on unknown links and QR codes to prevent personal citizen information from being stolen.
Platform promoters shall set up website platforms in accordance with the law, implement network and information security protection measures, and strictly prevent the spread of illegal and harmful information. Once a website is found to contain illegal and illegal information, the website administrator will bear legal responsibility in accordance with the law.
Internet industry insiders remind netizens: Don’t trust any “WeChat Fan” advertisements from any channel. If you accidentally scan the “WeChat Authorized Login” QR code sent by others, please change your password as soon as possible to protect your account security.
In addition, always pay attention to the security of your account. In order to prevent the WeChat account from being misappropriated by others, please delete the device that is not logged in by yourself through the relevant settings of the WeChat client.
A reporter from the Beijing Youth Daily learned that on November 1, the "Personal Information Protection Law" will be formally implemented.
The China Consumers Association reminds consumers to learn about the personal information protection laws and other relevant laws on the protection of personal information to understand the processing rules of personal information and sensitive personal information, their own rights in personal information processing activities, and personal information The obligations of the processor and the remedies when the rights and interests of personal information are infringed, etc., further enhance the awareness and ability of personal information protection, and use legal weapons to guide consumer practices.
Text/Reporter Zhang Xin and Dong Zhenjie
Coordinator/Yu Meiying Bailong