24 hours – Zhejiang Qianjiang Evening News reporter Chen Kaikai correspondent Fu Hongbo Pang Zhenxu
With the rapid development of Internet technology, Internet Illegal destruction in new ways that hackers from frequency and technology have improved significantly.
Today (November 28th) morning, the Hangzhou Municipal Public Security Bureau held a “net net 2018 special action to combat Internet crime and Hacker News briefing. Informed that this year, Hangzhou city public security organs in the city and district level two police leading propulsion the hacker attack damage regulation to combat illegal and criminal action, involving criminal hackers cracked a total of 40 cases, 77 people to take coercive measures, and arrested 25 people, 45 people shift v.. The Ministry of public security handling of the case of 3, the provincial public security department supervision cases 3.
Pictures from the visual Chinese
The network attacks lead to the loss of nearly ten million listed companies, but also to blackmail Mister bitcoin
The suspect is a self-taught hacker
The “40 years”, “junior high school”, “no computer industry”, “because of the crime of rape was sentenced to ten years in prison, was released from prison due to drug use by the public security authorities repeatedly punished”…… Such a person, who will not be associated with the “hacker” the identity.
In August this year, the Binjiang Public Security Bureau police brigade uncovered cases of destruction of computer information systems, captured such a self-taught hacker.
8 months earlier, police brigade received Binjiang a group of listed companies report that the company site was DDOS attacks (take up a lot of cyber source, response, service can not get the user is currently one of the most powerful and most difficult of attack defense), resulting in network congestion, resulting in the company a large number of backbone network paralysis, delivery order can not be shipped the loss of nearly ten million.
The site was attacked shortly after, the company responsible person immediately received a blackmail message sent to overseas telephone numbers, and extortion calls, asked to pay 1 coins, and that if we do not pay within the specified time, it will continue to increase the attack traffic and prices of up to 2 coins.
The police department investigation found, the DDOS attack case, traffic source is very complex, both domestic traffic from Chongqing, Shandong and other places, but also from the outside flow.
The police locked the suspect after a surprise: a 40 year old male, junior middle school education, no Internet experience, because rape was sentenced to ten years, there are many years history of drug abuse, by the public security organs repeatedly processing.
This person is not a suspect in this case? Whether people using his identity information to implement the crime?
To this end, the police departments again survey data analysis and a large number of personnel, through the investigation and analysis of the week, the final confirmation of the man is a suspect.
However, the suspect had repeatedly dealt with the public security organs, with a strong sense of anti reconnaissance. In order to escape from the public security organs reconnaissance, specially went abroad to buy phone cards, and try to use bitcoin, the channels of money laundering extortion. Once found suspicious circumstances or found strange personnel in the area of life, immediately go out to avoid, through a friend in the hotel room after check-in. To avoid police arrest suspects, frequent replacement of residence.
The suspect through the springboard server, using illegal software control of a large number of domestic and foreign “fryer”, flow launched attacks on the site, and to the site of the listed company for a bitcoin, through big data analysis finally locked the suspect.
In August 29th, Binjiang police successfully arrested the suspect.
Click on the game plug-in advertising you lose, this is the hacker trap
This year 3 month 5 days, Hangzhou Wang playing a popular online game, accidentally saw a game advertising.
Out of curiosity, Wang to download and install the game plug-in software, but after installation automatically restart the computer, and then boot after Wang found that all files are encrypted lock screen pops up a dialog box shows the need to pay $3 to unlock.
Wang worry about important files on the computer can not be used, in accordance with the requirements will use a network payment software for the payment, but Wang accidentally discovered that the computer will not decrypt, and pay their own software in 300 yuan balance also chose to take wings to itself, Wang Xihu District Public Security Bureau police.
This plug-in software is actually extortion virus named “QL2.1”, the victim to download the software and installed after the first run a background process, the process and the backend server remote connection, and the victim in the computer file encryption lock, while the pop-up dialog box prompts: “your computer files have been part of me lock! Click on the button below to unlock! Don’t try to break this program! Otherwise, the computer will start the self destruct! Unlock: click on the button below to login to online payment account to pay 3 yuan”.
Click on the “pay 3 yuan to unlock” button, the pop-up “self purchase registration code system”, require the user to scan the login code or enter the account password to log in two ways.
The online payment account login and password to pay to unlock the time-consuming, suspect on the victim computer controlled release 1 program sequence and the creation process, the process will be added to the victim computer embedded web page, the page shows the payment of 3 yuan, the actual amount paid for all the remaining amount. The victim after the payment is completed, the suspect and the victim was not to control computer to unlock, the follow-up can still repeatedly ask for fees to unlock the victim.
The police through the comprehensive investigation and analysis of the virus, and Fujian, Shandong, running and other places to multi transfer of relevant evidence, 3 15, arrested the suspect lee.
Lee confessed his crime, and admitted that the virus is on the Internet to a nickname for the “QL project team” to buy home.
4 3, the nickname “QL project team” Wang West Lake was arrested by the police, while Wang Mouzheng is ready to spread the virus spread through a large area.
Wang explained the accident in 2017, and obtained two kinds of Trojan virus source code on the Internet, I modify the nesting of the 2 virus source code, the two viruses are integrated into a new computer with encryption file and theft of account balance function of the “QL” virus, and the virus disguised as “second praise” and “private detective”, “chicken game” and other popular programs to induce others to download.
Lee, Wang through the “QL” virus sales, communication, illegal profit of 20000 yuan.
At present, Lee, Wang West Lake police have been taken criminal coercive measures according to law, the case is still further processed.
Hangzhou police, the hacker crime presents new crime 4 distinct characteristics: target metastasis, crime means more professional, more covert methods of crime, crime of camouflage strong members of a younger trend.
From 2007 years of “Panda”, to 2017 years of “wannacry” extortion virus production technology is increasingly complex, latent capacity is increasing, the outbreak spread more rapidly, The damage range by region into a world-class level And the need to break the virus, extortion cost of manpower, resources and labor costs, caused great negative impact on the network public opinion.