For WeChat users, the word "clear powder" is not unfamiliar.
The so-called "clear powder" usually refers to the use of some third-party application cluster software, so that the account automatically sends a group message to all friends, and then according to the "whether the information can be successfully sent and received" to identify and clean up those friends who have not been in touch for a long time or have been blocked by the other party.
The Shanghai police held a press conference today to remind through real cases that criminals have illegally obtained a large amount of citizens' personal information under the guise of "clearing powder" and making profits from it.
How to "clear the powder" procedure wait for the opportunity to "infringe"
In August this year, the Cyber Security Corps of the Shanghai Municipal Public Security Bureau found an important clue during the network inspection: an application had a superficial "clean powder", which was actually an illegal act of "drainage". After receiving the clue, the Minhang police dug out a criminal gang that used the "clean powder" software to illegally obtain user data through more than 2 months of investigation.
In mid-to-late September this year, under the guidance of the Cyber Security Corps of the Shanghai Municipal Public Security Bureau, the Minhang police successively conducted network collection operations in Shanghai, Sichuan, Zhejiang and Hunan, arresting 4 criminal suspects and involving more than 8 million yuan.
Police arrested 4 suspects (police photo)
So, how does this "cleansing powder" software "darken the warehouse"?
Not long ago, Miss Zheng, who is a "micro-businessman", wanted to give her circle of friends "clear powder", on an online trading platform, she found a "small sparrow clear powder assistant", the advertisement indicated "clear address book". After paying a service fee of 5 yuan, the customer service gave Miss Zheng a login password.
Miss Zheng opened the login URL of "Little Sparrow Assistant", entered the login password given by customer service, and a two-dimensional code appeared on the screen. The customer service prompted Miss Zheng to use the mobile phone to scan the code to log in, and then the background system began to scan the mobile phone with the scanned code in depth.
"Soon, I estimate it will be less than 2 minutes." Miss Zheng's WeChat "file transfer assistant" received a "physical examination report": in addition to showing the number of detected friends, she also pushed the business cards of friends who blocked her to her one by one.
Powder removal process
Until the case was solved, "clear powder" users like Miss Zheng did not know that their information had been stolen. The police analysis found that the criminal gang obtained the citizen information in the mobile phone "in seconds" without the user's awareness, until the crime occurred, and no one reported the case to the public security organs. Little did they know that this citizen information data had been transmitted to the servers of the criminal gang.
"Clear Powder" software advertisement
More than 300 online stores participated
After interrogation, the police found that criminal gangs not only used procedures to illegally obtain citizens' information, but also sold and illegally used this citizen information for profit.
In April 2020, criminal suspect Wang Mou formed a criminal gang and recruited technical personnel Chen, Duan and Zhou to jointly develop a program that can achieve the function of batch "clearing powder".
At the beginning of development, Wang mou made it clear that the application should have the function of stealing citizen information, and after illegally obtaining user information, the data will be automatically uploaded to a "transit website". This website has data upload, download and statistics functions.
As long as the "recharge registration" becomes a member of the "transit website", after paying the fee, the criminals can use these stolen citizen information to "swipe", "like" or other network traffic services.
Through checking the flow records, the police found that the criminal gang had illegally profited more than 8 million yuan through 14 months of operation and maintenance.
Records of illegal gains
Background login record
This criminal gang is not large, only 4 people, how do they promote their "products"? The police investigation found that there were more than 300 agent online stores that "sold" the application.
At present, the criminal suspect Zhou Mou has been criminally detained by the Minhang police in accordance with the law, and Duan Mou and three other people have been arrested by the Minhang Procuratorate for suspected crimes of infringing on citizens' personal information, and the case is being further tried.
Source: Xinmin Evening News