Home » News » General » Programmer with Chinese bank jailed for exploiting bug in bank system to siphon $1 million over 2 years

Programmer with Chinese bank jailed for exploiting bug in bank system to siphon $1 million over 2 years

By Digit NewsDesk | Updated on 03-Jun-2020
Programmer with Chinese bank jailed for exploiting bug in bank system to siphon $1 million over 2 years
Digit NewsDesk Digit NewsDesk
06 Feb 2019 20:38
HIGHLIGHTS

A senior programmer with the Huaxia Bank managed to transfer over seven million Yuan from the financial institution to his account by inserting scripts in the system to exploit a bug.

Highlights:

  • Qin Qisheng was a programmer with the Huaxia Bank
  • He reportedly stole over $1 million by exploiting a bug in the bank’s core system

As per a report by The South China Morning Post, via The Verge, Qin Qisheng, a 43-year-old senior programmer with the Huaxia bank managed to siphon off $1 million from the financial institution over a period of two years by exploiting a bug in the company’s core operating system. While the bank forgave the employee as he cited that he was simply testing the flaws in the system, he was still jailed. As per the report, because of the bug, cash withdrawals done around midnight were not recorded in the bank’s system. While this scenario should typically throw an error saying the transaction has failed, Qin inserted some scripts in the system so that there would be no such an alert. The bug has since been fixed.

Qin reportedly proceeded to withdraw money from the bank in amounts ranging between 5,000 and 20,000 Yuan (Rs 53,052 approx – Rs 2,12,211 approx) using a dummy account that the bank uses for testing its systems. This resulted in the withdrawal of over seven million Yuan by January 2018 from the bank. Qin is said to have deposited the amount in his own bank account and invested some of it in the stock market. When the unauthorised activity from the dummy account was detected, it was reported to the bank, which in turn alerted the authorities. Qin was arrested, found guilty by the court and sentenced to 10 and a half years in jail with a fine of 11,000 Yuan (Rs 1,16,745 approx). 

When Qin said that he was simply testing the internal security of the system, the Huaxia bank accepted his explanation and asked the court to pardon him. However, the authorities disagreed and said that the institution itself previously stated that his activities were in violation of formal procedures. “On the one hand, [the bank] said that the accused’s behaviour was in violation of the rules. On the other hand, he said that he could conduct relevant tests. This is self-contradictory,” said the judge. Qin returned the entire amount before being arrested. 

Related Reads:

ES File Explorer security flaw can aid hackers to leak data on Android devices: Researcher

Digit NewsDesk

Digit NewsDesk

Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. View Full Profile

New Mobiles
Apple IPhone 15Redmi 12 5GRealme 11 Pro+ 5GApple IPhone 15 PlusNothing Phone 2
Top-10s
Best Mobile Phones under 15,000Best Mobile Phones under 20,000Best Mobile Phones Under 10,000Best Mobile PhonesBest 5G Mobile Phones
Terms of Use Privacy Policy About Us Advertise with us Contact Us SiteMap Current / Past Issue Magazine Subscription
9.9 Group

Digit.in is one of the most trusted and popular technology media portals in India. At Digit it is our goal to help Indian technology users decide what tech products they should buy. We do this by testing thousands of products in our two test labs in Noida and Mumbai, to arrive at indepth and unbiased buying advice for millions of Indians.

We are about leadership – the 9.9 kind Building a leading media company out of India. And, grooming new leaders for this promising industry.

logo logo logo logo logo logo
Copyright © 2007-24 9.9 Group Pvt.Ltd.All Rights Reserved.
Digit.in
Logo
Digit.in
Logo