Guangdong police cracked more than 100 cases of hackers, involving more than 2500 yuan


Guangdong police close the net in the "Net Security Network" No. 15 special action

More than 100 hacker cases detected, involving more than 2500 yuan

Source: Southern Metropolis Daily

Nandu reporters learned from the Guangdong Provincial Public Security Department that recently, under the command and coordination of the Ministry of Public Security, the Provincial Public Security Department organized and launched the "Net Security Network" No. 15 special action against hackers' cyber attacks and related violations of law and crime. During the operation, more than 100 hacker cases were detected, more than 30 hacker gangs were successfully cracked down on, more than 160 people were placed in criminal detention, and more than 7 240 websites were found to have been attacked. The total amount involved was more than 2.5 million yuan.

Hackers' network attacks have become a problem affecting people's livelihood. Since the start of this year, police in Shenzhen, Shaoguan, Jiangmen, Zhongshan and other cities have received reports of hacker-related criminal clues in the course of their work. After the cases were reported, the provincial public security department attached great importance to them and quickly set up a special group. After months of careful investigation, Guangdong police recently launched a coordinated net-closing operation in Shenzhen, Shaoguan, Zhongshan, Jiangmen, Hunan, Guangxi and Xinjiang. The operation cracked cases including the illegal intrusion into a medical registration platform system in Shenzhen, the illegal acquisition of data from the computer information system of a county education bureau in Shaoguan, and the illegal control of computer information systems by Chen and others in Jiangmen, and broke up the criminal gangs that carried out these hacker attacks and sabotage.

According to the relevant person in charge of the provincial public security department, current hacker attacks and sabotage crimes show three distinct characteristics: hacker attacks have become the source of illegal crimes in the black industrial chain; cases of insiders "guarding and stealing from themselves" are prominent; and the means of attack are varied, while the threshold for carrying out an attack is gradually falling.

Medical registration platform server was invaded

A large number of patients cannot register properly

In July this year, Shenzhen police received a report from a Shenzhen Ningxia Science and Technology Co., Ltd. that the server of a medical registration platform developed and used by the Shenzhen Health Planning Commission was frequently being intruded on by outsiders. As a result, a large number of patients had long been unable to book appointments with specialists at major hospitals through the platform's App, and customers often complained.

After receiving the report, Shenzhen police immediately formed a special team to investigate the case. They found that since 2017 the "calf reservation artifact" WeChat official account of Shenzhen Yunzhi Technology Company had been selling, in large volume on the Internet, appointment numbers for experts and doctors at major hospitals registered on the platform, and they detected a link between the source of the intrusions and Yunzhi. The police initially concluded that the company had a significant connection with the intrusions.

Through an in-depth investigation of Zhang, the legal representative of Yunzhi Science and Technology Company, the police found that Zhang's husband, Lemou, had worked at a Shenzhen Ningxia Science and Technology Co., Ltd. and had taken part in developing the App for the medical registration platform. After technical assessment and reverse analysis, it was found that Lemou had used the technical advantage of the App, which he had developed, to intrude directly and illegally into the platform's back-end server and successfully bypass the verification code.

For profit, Lemou sold a so-called "bull's horn coin" of RMB 1 and RMB 1 through another WeChat account, "cow's assistant", while frequently placing orders for the "calf's ornament" public account and charging 30 to 50 yuan each time. In just a few months, he registered more than 1400 times for his customers and made a profit of RMB 3 yuan. In order to deceive the public, he also repeatedly changed the server's IP address to deliberately evade detection. The police also found nearly 50,000 pieces of personal information, including identity card, social security, mobile phone, medical and other important information. At present, Le Mou has been detained by Shenzhen police.

The Education Bureau even receives phishing Trojan emails

The suspect did not graduate from primary school

At the end of May this year, staff of a county education bureau in Shaoguan reported to the city's public security organs that their office mailbox had received an "important notification" from a sender shown as "government office". The staff did not examine it closely. After downloading it, they clicked to open the email's attachment and link, and found that the contacts in the mailbox had become garbled and lost. It is reported that a number of teachers' mailboxes and office mailboxes received similar phishing Trojan emails one after another.

It is hard to imagine that the hacker behind this is a man who never graduated from primary school. Officer Shen of the Shaoguan police told a Nandu reporter that the 30-year-old suspect, He Mou, came from Nanning, Guangxi, left home to work in his early years, and came back to play with computers, "joining hackers' QQ groups and studying on websites." In early 2017, he met a "more powerful hacker"; after learning from him, he worked with servers, modified Trojan programs, and slowly improved his technique.

He enticed recipients to click and open the emails by sending large numbers of messages that masqueraded as carrying government agency signatures and contained Trojan horse links. When a victim opened the email, the Trojan horse program stole personal information from the victim's computer and sent it back to the suspect's computer. At the same time, the Trojan horse email continued to spread to other mailboxes using the mailbox's address book.

The police in Shaoguan caught and arrested the suspect and seized more than 40,000 Web shell scripts for Trojan horse jumping, as well as a large number of parasitic software tools, website management tools, Trojan horse domain names, Trojan horse background program source code and other hacker tools, along with computers, mobile phones, telephone cards, bank cards and other tools of crime. Officer Shen said that stealing citizens' personal information for sale was not his main source of income; selling Trojan horses to more than 600 households and imparting criminal techniques was his "way to make money." It is understood that the police obtained half a year's records from his bank card and found that he had sold at least 100 sets of Trojan horse programs, making a profit of more than 100,000 yuan.

Nandu reporters learned that these hacker attack and sabotage crimes very easily leak citizens' personal information, and once this important information falls into the hands of other criminals with ulterior motives, such as fraudsters, the consequences will be unthinkable. On the problem of personal information protection, Guo Hongwei, chief engineer of the Network Police Corps of Guangdong Public Security Bureau, told a Nandu reporter that personal information protection has become an important issue for our country in recent years, especially since the amendment of the criminal law, under which illegal possession and trafficking of citizens' information are criminal acts. "In the process of Internet development, as long as there are consumer activities, it is difficult to fundamentally eliminate the leakage of information. However, the public security organs' crackdown on it is still continuing to gain strength."

Interview: Nandu correspondent Su Hailun; correspondents Wan Tao, Huang Yutai, Li Xiaodong
