Nantong cracked a big “darknet” infringement of citizens’ personal information case seized 50 million pieces of data
The so-called "dark web" is a type of technical means that uses encrypted transmission, P2P peer-to-peer networks, etc. to provide users with anonymous access to Internet information. The biggest feature of the "dark web" is that after encryption processing, ordinary browsers and search engines cannot enter, and using bitcoin as a transaction currency, it is difficult to trace the true identity and location of the user, which is favored by Internet criminals.
On May 7, the Nantong Public Security Bureau announced that after more than four months of careful investigation, Nantong and Rudong public security agencies have broken through the technical difficulties, straddling 26 cities in 8 provinces and traveled hundreds of thousands of kilometers. In a huge “dark web” infringement of citizens ’personal information supervised by the Ministry of Public Security, 27 criminal suspects were arrested and more than 50 million pieces of citizen ’s personal information data were sold. Recently, this case was listed by the Ministry of Public Security as one of the ten typical cases of violations of citizens ’personal information that have been detected by public security organs throughout the country since 2019.
A large number of citizens ’personal information was obtained after online patrol
In August 2019, the network security detachment of the Public Security Bureau of Nantong City found in the daily online inspection work that the user with the net name "akula98" sold citizen personal information on the "darknet" trading platform, some of which involved citizens of Nantong Rudong and other places. Personal information. "It's mainly data such as bank account opening and mobile phone registration. The inquiry is true, and it is easy to be used by fraud and other criminal gangs. The potential harm is serious." Xu Pingnan, a network security technology expert and deputy team leader of the third team of the network security detachment of the Public Security Bureau of Nantong City, said.
The Nantong Municipal Public Security Bureau Network Security Detachment, together with the Rudong County Public Security Bureau, immediately set up a task force to tackle the case. After further investigation, the Nantong police found that since May 2019, "akula98" has repeatedly sold personal information of citizens through the "dark web" trading platform, a large number. However, the “dark web” can provide the task force with only one user name, but the true identity of the criminal suspect is unknown, and the case investigation office is at a standstill.
Under the leadership of Xu Pingnan, the project team built its own data model. Through in-depth research and judgment, it was difficult to lock the true identity of "akula98" as Wang Moucheng in Ningbo, Zhejiang.
On the evening of September 9, the police of the task force captured Wang Moucheng and successfully extracted the Bitcoin trading APP and the network disk used to store the personal information of citizens on his mobile phone.
According to Wang Moucheng, he collected a large amount of business information through various channels, and illegally purchased personal personal information data including futures and foreign exchange investors, and sold it on the "darknet" trading platform. At the same time, he also used the "dark web" trading platform to buy personal information of citizens in industries such as "shareholders", "owners", "banks" and "real estate", and sold them for profit.
As of the case, Wang Moucheng has sold more than 1 million pieces of personal personal information, and illegally earned more than RMB 100,000.
Marking the case without letting the source of the "dark web" into a distribution center for illegal transactions
In order to evade the public security organs, Wang Moucheng communicated with buyers and sellers using special software and settled in Bitcoin. The police of the ad hoc group tracked day and night, and they simply researched a clue from a large number of funds. On October 29, the buyer was arrested in Kunshan, Suzhou. As a result, the ad hoc group also found a key link in this criminal chain that uses the “dark web” to infringe citizens ’personal information.
After investigation, the buyer is Wang Mouyang, long-term operating futures trading platform. After arriving at the case, Wang Mouyang explained that he purchased personal personal information for business promotion. In addition, Wang Mouyang not only purchased citizen personal information through Wang Moucheng, but also purchased over millions of pieces of citizen personal information related to futures and POS machines.
"As an intermediary, he also helped introduce and get some 'benefits' from it." Jiang Guangcheng, the squadron leader of the investigation squadron of the Netan Brigade of the Rudong County Public Security Bureau, who handled the case for the main investigation.
According to the clues provided by Wang Mouyang, the task force quickly found out that another channel for selling personal information of citizens was Lin Mouwei, who was only 21 years old. On November 12, Lin Mouwei was arrested in Shanghai.
According to Lin Mouwei, he introduced Wang Mouyang through friends. From the end of 2018 to the case, more than 3.5 million bank accounts and mobile phone user registration data purchased from illegal channels such as the "Dark Web" were sold to Wang Mouyang and his introduced Fei Mougui and others for illegal profit making. More than 700,000 yuan.
From the confessions of Wang Mouyang, Lin Mouwei and others, the task force realized that there was a huge network of personal data information reselling behind them, and the "dark web" has become a distribution center for criminal suspects illegally buying and selling citizens' personal information. The case was significant, and the Nantong Municipal Public Security Bureau quickly reported the case to the Ministry of Public Security, which attracted great attention and was listed as a case supervised by the Ministry of Public Security.
Follow the line to trace the buyer of the broken chain, mostly used for advertising and fraud
The ad hoc group kept a close eye on the case, followed the data source of the personal information of the trafficked citizens, and found a chat tool group that Wang Mouyang joined. After the group members paid the fee, the group owner would teach the one-on-one how to enter the "dark web" Trading. The other “dark web” channel for Lin Mouwei is Hemou, a security engineer for a network company. At this point, this dark chain, private communication software, etc. as a transaction and communication platform to violate the citizens' personal information black product benefit chain surfaced completely.
On November 26, the task force rushed to Wuhan, Hubei province to successfully arrest the suspect He Mou. In his daily work, Hemou can collect some personal information of citizens, and soon accumulated a batch of personal data of citizens, plus his familiarity with the "dark web", so through the "dark web" or acquaintance introduction, the sale of foreign profits, Buyers are all over the country.
On the basis of the previous work, in December 2019, the task force transferred more than 30 police forces and set up 6 arresting groups, which went to 26 cities in 8 provinces such as Hubei, Heilongjiang, Shanghai, and Guangdong to conduct the offline purchase of personal information of citizens. Centralized collection of nets. As of January this year, a total of 27 criminal suspects have been arrested, and as many as 50 million pieces of personal information of various types of citizens have been trafficked.
Fei Mougui, 33 years old this year, runs a company in Kunshan and mainly represents the POS card swiping business of various payment companies. In order to promote the business, after being introduced by Wang Mouyang, Fei Mougui purchased 3.5 million POS card swipe consumption data from Lin Mouwei and distributed it to the salesperson for targeted telemarketing. , Pay the company and "dividend" to Feiguigui.
"Buyers have huge demand, which has stimulated the development of this network of black goods to a certain extent." Zhang Jian, head of the network security detachment of the Public Security Bureau of Nantong City, said that most of the buyers have similar purposes to Fei Mougui, and these illegal The obtained citizen's personal information is used for the precise placement of various advertisements and business promotion, and at the same time, it continues to sell its personal information through the "dark web" trading platform. "This can easily become an" accomplice "to other cybercrime." Zhang Jian said that cases of infringement of citizens' personal information are extremely socially harmful and must be severely cracked down. At the same time, the broad masses of people should be civilized and green on the Internet, and pay attention to raising the awareness of protecting personal information to prevent personal information from being inadvertently leaked out.
At present, the case is still under further digging, and the suspects who have arrived have been handed over to the local procuratorate for review and prosecution.
From：On DarkNet – Dark Web News and Analysis
Copyright of the article belongs to the author, please do not reproduce without permission.