
The money in the phone was transferred away overnight. What happened?

via: 博客园     time: 2018/8/5 16:32:59


The methods of scammers and hackers are becoming more and more sophisticated.

Text / Zhou Chaochen

This is nothing next.

This is the title of the post published by the Douban netizen "Single Fishing Cold River Snow" after August 1st. The netizen said that after waking up at 5 o'clock in the morning on July 30, she found that her mobile phone had been vibrating. She had received more than 100 verification codes from Alipay, Jingdong, banks, etc., and then discovered that the money in her Alipay, Yu'e Bao, balance and linked bank card had been transferred away. The gold bar and white bar functions had been opened on Jingdong, and more than 10,000 had been borrowed.

According to her description, the netizen is a woman living in Shenzhen. She said that after discovering the above situation, she called the police, called the mobile phone stop, and found the payment report for the first time. “Two days, I ran the bank to check the water and hit 110. Seeking acceptance, running the police station to record the confession, playing Alipay customer service, Jingdong customer service, playing Apple customer service … all kinds of hard work, seeing all kinds of shovels, not doing.”

Overview of the incident

She posted some of the SMS verification codes, the SMS reminders sent by Jingdong Finance, and the transaction records. The timestamps fall between 1 am and 4 am on July 30.





At the same time, she also posted a screenshot of her exchange with Jingdong Finance, saying that she had not provided personal information to open Jingdong White Bar, yet Jingdong Finance approved it and she now owed 10,000 yuan.


Given the loss of property, coupled with the fear that her personal information has been leaked, "Single Fishing Cold River Snow" said that she is now "major sad". Over the past two days she has added some recent developments, recorded in an iPhone memo:



"Single Fishing Cold River Snow" later added another update. It is displayed as August 3, but in fact it should be yesterday (August 2):

Today, Jingdong called two times and said that I still want to personally assume the gold bar loan. I said that I still don't contact me with this answer. I did not answer the phone call from the China Banking Regulatory Commission. I have been busy with the medical examination. They also answered the work after 2~5 working hours.

At noon, I called the police station and asked if there was no case. I asked the person who gave me the confession. I said that I didn’t know the police officer. He said that he couldn’t find it. He didn’t have permission. He said that he would wait until the report was reported. What do I say about accepting receipts? He said that he was not clear. I asked if there was a confession for the confession. Then I asked him again and said something, and said it in the past. clothes.

"Single Fishing Cold River Snow" (hereinafter referred to as "Ms. Ye") also posted what should be the case receipt from the Xincheng police station of the Shenzhen City Public Security Bureau:


That is the general outline of the incident.

Alipay and JD's response

Ms. Ye attached an article published on June 8th by the Tencent "Guardian Program" public account, "A few strange text messages can actually take away the savings of half a lifetime. What happened?", and wondered whether she had encountered the "GSM hijacking + SMS sniffing" described in it.

After Tiger Sniff saw this post yesterday morning, it immediately asked TK, the head of Tencent Xuanwu Lab, whether Ms. Ye had encountered "GSM hijacking + SMS sniffing". TK responded to Tiger Sniff: “Even if the information she sent was true and there was no intentional omission, assuming her description was accurate, this (other) possibility was more and there was no way to guess.”

He believes that Ms. Ye may have been hit by "GSM hijacking + SMS sniffing", but this is only one possibility. There are many ways in which the money in a user's mobile phone can be stolen overnight, including insiders at the operator, a Trojan on the phone, and so on.

At the same time, yesterday (August 2nd) I also contacted the staff of Alipay and JD Finance to verify.

Alipay said: “Understanding this matter, we set up a group yesterday morning (August 1st, that is, the early morning of the Douban post) and are tracking this case, checking the reason for the stolen brush and the reason for refusing compensation.”

Later, Alipay learned that the netizen lost more than 900 yuan on Alipay. “The money on her Alipay side is not simply a steal, but a Q coin.” At present, Alipay is not sure which kind of situation caused this. Its preliminary view is that the netizen's information was leaked fairly completely, and it does not rule out the possibility that an acquaintance committed the crime.

This morning, Alipay told Tiger Sniff how it is handling the incident further, and said that it believes the user can be compensated by way of subrogation. Subrogation compensation means that after the user receives compensation from Alipay, the user transfers her claim against the thief to Alipay. Alipay then pursues the claim against the thief directly, and the user no longer claims any rights over that money. The user can provide her ID card, the police report receipt and a subrogation letter to Alipay, and Alipay will pay the amount to the user. Paging @独钓寒江雪.

Last night, Tiger Sniff asked Jingdong Finance about the netizen's complaint regarding “Jingdong’s personal commitment to the gold bar loan”. Jingdong Finance sent a statement to Tiger Sniff this morning:

After investigation, this is a scam that uses the GSM + SMS sniffing technology to obtain the user's mobile phone text message in real time, thereby stealing user information and stealing user accounts for online fraud. The principle of SMS sniffing is that the criminals can obtain all the text messages received by the user within the pseudo base station, while the user is unaware. The new black-produced network fraud based on SMS sniffing technology has endangered the security of some users, resulting in users suffering different levels of financial losses in major banks and Internet platforms.

Jingdong Finance is highly concerned about this matter and has set up a special handling channel for theft of stolen samples. We will verify the case for the first time in response to user feedback. Adhering to the principle of the user's interests first, we will advance the user account confirmed to be stolen, exempting the user's repayment responsibility.

In other words, Jingdong Finance exempted Ms. Ye from repaying the 10,000 yuan that was “borrowed” in her name. Jingdong Finance believes that this was a scam in which “criminals used GSM + SMS sniffing technology to obtain the user's mobile phone SMS content in real time, thereby stealing user information and stealing user accounts”, which is similar to the statement on the case receipt posted by Ms. Ye.

Jingdong Finance’s staff told Tiger Sniff in the morning: “There has been contact with the other party and the problem has been solved.”

However, based on its technicians' analysis, Alipay believes that this fraud cannot simply be attributed to “GSM + SMS sniffing”. Alipay also thinks that a Trojan on iOS is relatively unlikely: planting a Trojan to take only a little more than 900 yuan would be too costly.

According to Alipay's retrospective review, the user's Alipay account made several transactions that night, two of which were withdrawals to Ms. Ye's own bank card. Only one was a purchase, of more than 930 yuan, used to buy Q coins.

At first, Alipay judged these to be normal transactions, which is why, as Ms. Ye said, Alipay refused to compensate her.

Alipay also found a problem during its review. The user's account was logged in from a phone she does not normally use, and logging in to Alipay on a phone requires verification, one of the most important parts of which is the mobile phone verification code. The verification code is valid only for a limited time (usually 60 seconds), so how did the fraudster obtain it? There are still many questions to be answered.

At present, Alipay has not given Tiger Sniff a clear conclusion.

After being interviewed by Tiger Sniff, TK talked about this on Weibo this afternoon and gave a more detailed analysis:


TK added: “The victim used the iPhone, so I originally wanted to directly say that it may be related to iCloud, but I was afraid of being sprayed with fruit powder, so I changed it to a statement like ‘SMS automatic cloud backup’.”

At present, there are still many open questions in this case. Until the police give results, we will not add speculation. However, in this case the netizen, Alipay and Jingdong Finance are all victims.

If the case is as Ms. Ye described, hackers' technical means have evolved. Take the "GSM hijacking + SMS sniffing" technique that comes up repeatedly in this article: hackers typically sniff your phone's text messages after you have gone to sleep, so that you are unaware.

How can it be prevented? The Tencent Guardian Program gives ways to guard against SMS sniffing, which are worth adopting:

1. Protect sensitive personal information such as your mobile phone number, ID card number, bank card number and payment platform account number;

2. The simplest trick is to turn the phone off before going to bed. Once the phone is off there is no signal, and the SMS sniffing device cannot obtain your mobile phone number;

3. If the phone was not turned off and you see strange verification code SMS messages in the morning, consider the possibility of an SMS sniffing attack and quickly check your bank cards and payment applications. If you find that money has been stolen, freeze the bank card and report to the police.

There is much more that could be said on this, and combating the black-market cybercrime industry should become a consensus among the whole population. With the increasing popularity of mobile payment in China, whether Alipay or WeChat Pay, various mobile phone apps have become our daily payment tools. From the current point of view, online fraud and hacking methods are becoming more and more sophisticated and have moved beyond crude SMS fraud. Fighting the online black market has become the consensus of major Internet companies in the past two years, but it cannot be done by any one party alone. It requires coordination across society, with the government, public security, operators, enterprises and individuals each taking part in the fight. At the same time, major Internet companies should put aside competition and cooperate in combating the black market.

This morning, Tiger Sniff tried to contact Ms. Ye. I sent her a private message on Douban, but she has not responded yet.


At 19:25 this evening, I saw that she had posted on Weibo (account: - American Da Vinci) half an hour earlier. She seems to have doubts about JD's exemption of her repayment obligations, while JD has told her that she is exempt from them.


Later, I sent a private message to her on Weibo, asking whether Jingdong and Alipay had compensated her and whether the police had opened an investigation. Weibo showed that she had read the message, but as of press time she had not responded.

