Yangzhou cracked Trojans first trojan virus stolen gold million every month

The intermediary transaction SEO diagnoses Taobao guest stationmaster buys the Cloud host technology Hall

"Bole Trojan" is currently the top three of the virus, open Baidu Search, input "Bole Trojan", a total of more than 25,100 relevant information. View this information, both the use of the introduction, there are download methods, as well as the killing tutorial ... Online "Bole" a prosperous scene. More data speculated that the virus's manufacturers smoked nearly millions of dollars a month.

In mid-July this year, after 4 months of meticulous investigation, renowned for a while "Bole Trojan" manufacturer Guicai in Shenzhen by the Yangzhou police arrested, which is the first captured Trojan virus manufacturers.

Worth 8,000 yuan "precious DAO" stolen

Early April this year, netizens play computer games, the screen suddenly jumped out of a window, said click to download the program, you can improve the speed of the game, Anxiaoqiu no hesitation, point down.

However, after a lapse of 10 minutes or so, many inexplicable sites have popped up, and can not be turned off, Anxiaoqiu estimate may be poisoned, immediately shut down the computer. But when he opened his game account again, the accident happened: all the equipment evaporation, a value of 8000 yuan knife also has no traces. Anxiaoqiu think that this is someone else took illegal means to steal their own game equipment, then immediately to the police.

At this time Yangzhou Municipal Public Security Bureau Network Police Detachment is very busy. Recently, through the Internet alarm processing platform every day to accept this kind of game equipment stolen cases more than 10. After verification, the police judge, this is likely to be called "Bole" Trojan virus. Police immediately launched a project investigation, following the "hoof print" to find "horse-raising people." Through the screening of tens of thousands of of information, research, a person claiming to be the virus manufacturer to enter the police line of sight, his network called "Bole."

July 8, "Horse-catching action" launched in full. That morning, in Yangzhou railway station waiting Hall, "Bole" just an appearance was taken away by the police, according to "Bole" account, Trojan Horse program production, sales is a clear division of the organization, and he is only responsible for online sales. All the virus program is a call "eldest brother" provided by the man, because it is only online transactions, "Big Brother" surname what, long what appearance all do not know.

Lead "Big Brother" arrested

View "Bole" and "Big Brother" conversation record, the police found "eldest brother" from Taizhou, Zhejiang, and did not detect the "bole" has fallen into the hands of the police. July 9, that is, "Bole" was arrested the next day, the capture team appeared in a community in Taizhou.

"Hello, please open the door, we are the community material tube." The policeman rang the doorbell and said loudly. The door opens a seam, the police pushes the door to enter, will unprepared "eldest brother" capture. Police found the room is a building, and after camouflage, need to be from the outside staircase to reach the top floor. Open the door upstairs, the scene is shocking, more than 10 desktop computers, laptops, servers staggered row, 4 staff are testing the newly written "Bole" Trojan virus.

In the "Big Brother" safe, the police have a major discovery, here not only placed a deposit of more than 1.3 million yuan, there is a delicate mobile hard disk. Eldest brother confessed, hard disk storage is "Bole" Trojan source code. In the police rejoiced, think has been uprooted by this gang, an unexpected result appeared, "eldest brother" confessed "Bole" Trojan writer is not he, but another person, named Guicai.

In mid-July, the arresting team captured Guicai's whereabouts and captured it on 14th. After the trial, Guicai confessed, he is really a horse Trojan virus writer. After graduating from junior high School to contact the computer and network, and was deeply attracted. On the basis of junior high school culture, self-study of English and mathematics, and began to learn to write small programs. In the 2007, Guicai met the "Big Brother" and took the road of crime.

Then the police non-stop on Beijing, Guangzhou and other place, arrested more than 20 suspects involved in the seizure of money more than 2 million yuan. At this point, the production, dissemination of the main members of the horse was arrested. Guicai also became the nation's first captured Trojan virus maker.

"Bole Empire" "Black Gold Industry chain"

If the backbone of this gang is described as a company, then "Big Brother" is the company boss, Guicai is the technical director, responsible for product manufacturing and upgrading; Bole "is the sales director. The buyers are those who specialize in the theft of a number. The price of each Trojan is about 4000 yuan. If the buyer wants to make a Trojan horse alone, it will cost about 30000 yuan. In addition, the Trojan to constantly upgrade to avoid the killing of anti-virus software, buyers have to pay additional upgrade costs.

These buyers use the "flow quotient" to implant Trojans into other people's computers. "Flow quotient" will have disguised as advertising and other forms of Trojan virus, put to the site of higher click rate of the main online, in order to wait. "Flow Quotient" Press 1 cents per click Price, return the website. According to the people involved, due to the number of netizens nationwide, they can grow more than 100,000 "horses" every day, so also to pay million yuan costs.

"Bole" confessed, netizens poisoned, when the game started, their own account number and password will automatically appear in the front of the thief. In the face of the information such as snowflakes, the theft gang on the one hand, using the stolen Netizen's username password login game, cleaning player's game currency, equipment and other virtual property, and then through a dedicated network of online sales, from which to earn profits. Too late to deal with, they simply reselling. According to the people involved, since December 2007 through the dissemination of "Bole" Trojan and other harmful programs, theft game account 20 million, illegal profit of millions of yuan.

From the network related forums can be seen, the current market on the popular Trojan has: "Bole", "" Big Miss "," Hummer "and so on," big Miss "for is" Dream West Tour "This game," Hummer "main Monopoly" Warcraft ", and" Bole "for the domestic dozens of hot online games. In line, "Bole" Trojan virus reputation is very high, its production excellent, upgrade timely, fast after-sales service.