Police crack criminal chain implanting virus into millions of phones, targeting seniors

Chinese police have cracked a criminal chain that implanted a virus into millions of phones, targeting seniors, according to a news briefing on cybersecurity held by the bureau of public security of Panzhihua in Sichuan province on Friday.

A total of 23 suspects involved in the case were apprehended and over 60 million yuan ($8.23 million) was confiscated by the police, along with seizure of four cars and one house property on Feb 1.

The case came to light in June last year when a Panzhihua citizen surnamed Zhang discovered his parent's phone bill was increasing every month despite its being a dumb phone with simple features and unable to install software.

Zhang's parents had used the phone less and less since June last year, while the phone bill had kept mounting. Zhang then sought help from the telecom service provider who informed him that it seemed that the user subscribed to several charging services such as mobile phone newspaper and weather service.

Since the subscription to these services requiring confirm messages from the user, Zhang checked his parent's phone for these kind of messages, only to find nothing. Considering his father unable to delete messages or send messages, Zhang figured the phone might have been rigged and called the local police.

After receiving reports, the police in Panzhihua began investigating into this matter of automatic subscription to charging services on elderly phones. And it turned out that there were 89 similar cases in Panzhihua.

During investigation, the police found out that many elderly mobile phone users unknowingly subscribed to some charging services, with monthly charges ranging from 1 to 10 yuan. Due to their lack of familiarity with the operation of mobile phones, many elderly individuals assumed it was their own mistake and suffered losses.

The officer found that all the data from these phones was connected to a server hosted by the same domain name. Through data tracking, it was determined that this server was used by criminals for their illegal activities, and over 14 million mobile phones across the country were under the control of this server.

It was revealed that in their cooperation with multiple mobile phone chip manufacturers, the criminal group implanted Trojan programs into the phone chips. After the rigged phones were sold, the criminals used the programs to gain control of the phones, retrieve users' information, and transmit it to the database of the group.

Subsequently, the group utilized the Trojan programs in the phone to send confirmation messages to certain charging services. After completing the necessary operations, all records of these messages were deleted, leaving the mobile phone users unaware of the fraudulent activities.

As of now, the case is still under investigation.