A developer manages to steal a negligible amount of $ XNUMX million from an ATM after finding and exploiting a ridiculous hole in the ATM program.
Sounds like something out of a movie. A disgruntled bank planner discovers the perfect plan to make an ATM withdraw money without charging it to anyone.
But this story is true. The South China Morning Post and Daily Economic News Qin Qisheng, 43, reportedly managed to withdraw more than 7 million yuan (more than $ 1 million) from an ATM run by his employer bank, Huaxia Bank, taking advantage of a crazy vacuum.
According to reports, the bank's system does not properly record withdrawals made around midnight, resulting in cash being deducted from the user's account. Normally, this could raise a red flag in the system, that a transaction has failed, but Qisheng allegedly introduced a script into the program and silenced these alerts.
Qisheng started withdrawing money from November 2016 until January 2018, and after about 1.358 withdrawals the bank discovered the bad code in its system and notified the authorities to arrest him.
The sequel is perhaps the most amazing part of this story. Qisheng returned the money and the bank no longer wanted to pursue him. He may have feared bad publicity (apparently the window is already closed), so Huaxia Bank asked the police to drop the case, accepting Qisheng's excuse that he was just testing the bank's security and holding the money to ask for it. bank !!!.
However, the court refused and Qisheng faces up to 10,5 years in prison. They were not convinced by the argument, considering that the accused had transferred the money to his personal bank account, and not to a fake bank account, because he was investing the money in the stock market.
it's not the first time which ATMs are made target of smart developers. Today's story, however, is particularly fragile with the concurrence of perpetrator and victim views.