Virtual currency worth millions of yuan disappeared. What happened? After Mr. Ou, a citizen, reported the case to the police, Xuhui police arrested three insiders in the virtual currency development company. They had been holding Mr. Ou's virtual currency property for three months, illegally obtained more than 27,000 mnemonics and more than 10,000 private keys, and successfully converted more than 19,000 digital wallet addresses.
However, the real culprit was not the three of them, but a fourth insider in the same company! Is digital currency really safe? Such cases have undoubtedly sounded the alarm for everyone.
Caption: The backdoor program written by Liu, Zhang A, and Dong. Photo provided by Xuhui Procuratorate (the same below)
In May 2023, when Mr. Ou opened the virtual currency wallet software developed by Company A and wanted to check whether his virtual currency had appreciated in value, he found that the virtual currency worth millions of yuan in his account had been emptied a month ago. By analyzing the program, Mr. Ou noticed that there was a backdoor program in the virtual currency wallet software that would automatically obtain the virtual currency wallet address and private key, and tracked down suspicious user information based on it. In August of the same year, he went to the Xuhui Public Security Bureau to report the case. A few days later, three criminal suspects, Zhang A, Dong, and Liu, who were also employees of Company A, were brought to justice one after another.
After the three were arrested, they confessed that in early March 2023, they discussed adding a backdoor program to the virtual currency wallet software to obtain the user's private key. The three divided the work and cooperated with each other. Liu was responsible for writing the backdoor program, Dong was responsible for purchasing the server and domain name and encrypting the obtained private key, and Zhang was responsible for setting up the server and database. When the user installs the virtual wallet software, the backdoor program will automatically operate after 5 days and upload the private key, mnemonic and other information to the database they built.
In order to evade investigation, at the end of May 2023, the three destroyed the server and database after saving the stolen private keys and the corresponding digital wallet addresses they parsed, and agreed to use these private keys to illegally obtain users' virtual currency two years later. Unexpectedly, they were arrested by the public security organs three months later. It was found that the three illegally obtained more than 27,000 mnemonics and more than 10,000 private keys, and successfully converted more than 19,000 digital wallet addresses. However, the three "protested" and said that they did not break the "agreement" to illegally obtain virtual currency in advance.
Image caption: The email address used by Zhang Mouyi to steal private keys and mnemonics.
After fully studying and judging the existing evidence, the prosecutor in charge determined that Liu, Zhang A, and Dong did not transfer Ou's virtual currency, but their actions constituted the crime of illegally obtaining computer information system data. In April this year, the Xuhui District Procuratorate filed a public prosecution, and the Xuhui District Court sentenced the defendants Liu, Zhang A, and Dong to three years in prison and a fine of 30,000 yuan for the crime of illegally obtaining computer information system data.
Liu, Zhang A, and Dong were punished by law for their crimes. So, who touched Ou's virtual currency? During the interrogation, the prosecutor found clues from the confessions of the three people and guided the public security organs to collect evidence according to law, further analyze and judge the case, and finally locked the real culprit behind the scenes.
It turned out that a backdoor program was also implanted in the virtual wallet software of another platform used by Mr. Ou, by Zhang Mouyi, who once worked for Company A. After Zhang Mouyi was arrested, he confessed that in July 2021, he used his professional knowledge and understanding of virtual currency to write a code in the client code to collect user private keys and mnemonics. When a user trades virtual currency, the code will automatically obtain the mnemonics or private keys used by the user for signing operations, and send them to Zhang Mouyi's mailbox via email.
In April 2023, Zhang learned of Mr. Ou's virtual wallet address through his illegally obtained mnemonics and private keys, transferred all the virtual currencies in it to his own wallet address, and immediately converted them into other digital assets or virtual currencies. It was determined that Zhang illegally obtained more than 6,400 user private keys and mnemonics. After legal education by the prosecutor, Zhang voluntarily pleaded guilty and accepted punishment, and with the help of his family, compensated Mr. Ou for part of the loss and obtained forgiveness. Recently, the Xuhui District Court sentenced the defendant Zhang to three years in prison and a fine of 50,000 yuan for the crime of illegally obtaining computer information system data.
Follow me! Get more information about the cryptocurrency world faster! #内容挖矿 #BTC