Đỗ Tuấn Anh. — Photo thanhnien.vn |
The Ministry of Public Security said in a statement last Friday that its investigators had detected the group using high-tech methods to steal money from businesses that operate intermediary payment services and e-wallets.
Investigators detained the students and searched their houses in the nearby provinces of Quảng Ninh and Vĩnh Phúc last Wednesday.
The suspects are Nguyễn Thị Anh from Vĩnh Phúc, Nguyễn Thị Bảo Thoa and Đỗ Tuấn Anh, all three aged 23, and an older brother, Đỗ Vân Phi, 24, from Quảng Ninh. They are students at Thái Nguyên University.
Investigators seized cash and savings books worth more than VNĐ3 billion ($130,000), 30 ATM cards from various banks, six computers, four iPhones, dozens of Nokia phones with disposable SIM cards and other documents related to their alleged crimes.
All four have admitted their crimes to the police. As the mastermind, Tuấn Anh said he had discovered security holes in the databases of many companies and had hacked into hundreds of websites since 2013.
Having gained control of the websites’ administrative accounts, he and his accomplices added fake balances to accounts they had created beforehand and used the funds to buy the details of various top-up cards.
The group then got in touch with top-up card agents and stores through their multiple ‘burner’ phones to sell the card details at discount rates. The money was then transferred to their bank accounts under the names of other people, since they bought the accounts from others.
Anh also claimed he had hired foreign hackers to find the websites’ security holes and take control of them for him to steal their data.
The group was found to have gained access to the databases of five companies between September 2018 and April 2019, stealing card information for tens of thousands of mobile and game top-up cards, worth roughly VNĐ5 billion ($214,000).
To prevent such high-tech crimes, the ministry has urged individuals, organisations and businesses to be more vigilant, improve information security on their websites, emails and electronic devices, set up multiple-step login processes and arrange receipt of early warnings to avoid being taken advantage of by cyber criminals.— VNS