China strikes spyware gang of four with hefty jail sentences

March 25, 2008 Sophos Press Release

Behind bars
The hackers have been sentenced to up to eight years in a Chinese jail.

IT security and control firm Sophos has reminded hackers of the consequences of cybercrime, following the announcement that a Chinese court has handed out hefty jail sentences to four men who used a Trojan horse to steal bank account information.

According to media reports, the men stole more than 100,000 yuan (over $14,000) from internet bank accounts after distributing a spyware Trojan horse.

Shanghai's Intermediate People's court sentenced Chen Feng, Yu Li and Zhang Wei to prison for between six and a half to eight years, after finding them guilty of larceny. The men were also fined between 40,000 and 60,000 yuan. A fellow conspirator, Zhao Gang, who drew money out of cash machines, was sentenced to 30 months in prison for hiding illegal income.

The court heard that the men discussed stealing identities with malware to break into online bank accounts in early 2007. In just over a month they stole 127,800 yuan (US $18,000) from the bank accounts of three victims, transferring the money into an account set up by Yu Li, before withdrawing cash at different ATMs.

"Hackers need to think long and hard about whether it's worth the risk before embarking on their life of crime. An eight year jail sentence is one of the toughest we have ever seen in connection with malware. Spending time in a Chinese jail for such a small reward seems an enormously dangerous gamble for cybercriminals to make," said Graham Cluley, senior technology consultant for Sophos. "Sadly we are seeing more and more malware emerging from China, much of it designed to steal information from unsuspecting computer users. The advice for consumers and businesses remains to secure their computers with tight defenses."

Sophos recently published its Security Threat Report 2008, which revealed that over half of the world's malware is hosted on webpages based in China:

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.