Bank Forgives Programmer Who Withdrew $1M in Cash after Finding ATM Flaw

[Megalith]

Qin Qisheng, a senior programmer at Chinese Bank Huaxia, has been jailed for 10 and a half years after taking advantage of “a loophole in the bank’s core operating system that meant cash withdrawals made around midnight were not recorded.” Mr. Qisheng, who was evidently unhappy with his employer’s pay, ultimately managed to collect $1M before he was caught by a manual check. While the bank “accepted his explanation that he had simply been trying to test its internal security and the cash was just resting in his own account before he returned it to his employers,” the courts demanded punishment.

Qin discovered the flaw in the system in 2016 and in November that year he inserted a few scripts in the banking system which he said would allow him to test the loophole without triggering an alert. For more than a year he made cash withdrawals of between 5,000 yuan and 20,000 yuan (US$740-US$2,965) from a dummy account the bank used to test its systems. By January 2018 he had amassed over seven million yuan – the equivalent of just over a million US dollars – without telling his superiors what he was doing.

 

[Amorius]

So, in other words, they punish for doing domestic crimes but reward them for doing international crimes.

 

[Spidey329]

Why would you test a security hole for over a year? All without letting someone else know?

He simply got caught before he could make plans to get out of the country with his new fortune (that or he got overconfident / complacent and greedy).

 

[Oldmodder]

So, in other words, they punish for doing domestic crimes but reward them for doing international crimes.

Sound familiar, seem normal.

Dont get caught with hand in cookie jar, but if you do then deny deny deny deny often work, which is the most amazing thing of all.

 

[Brian_B]

I don't know, sounds legit.

 

[Paladin21]

Didn't he watch Office Space? You burn the building down, go get a job you actually like, and pretend that nothing ever happened.

 

[Burticus]

Yeah. "Testing". Sure.

I wonder what the ATM limits are over there though... because if it was the US, and you can only do a single transaction of $500 right at the magic window.... you'd have to pull that trick 2000 times and not get caught. Thats every night for 5 and a half years. That is WAY too many times to not get caught by a random element.

Honestly I'd get tired of doing it that many times.

OK so the article says "US$740-US$2,965" per transaction. Even at the maximum amount, it would be 337+ transactions.

It also says he " had returned all the money to the bank before his arrest, it was not enough to spare him". Wait, so he returned all the money with a semi-valid explanation BEFORE he got caught? Hmmmmm. And the bank accepted his story and declined to press charges, but the court still did. Sounds like he didn't have a good enough lawyer (however that works in China anyway).

 

[umeng2002]

The real trick was making it seem like he only took out 1 Million bucks.

 

[greenman]

The real trick was making it seem like he only took out 1 Million bucks.

Nice.

 

[katanaD]

FTFA:

For more than a year he made cash withdrawals of between 5,000 yuan and 20,000 yuan (US$740-US$2,965)

WOW.. he was able to withdraw up to $3K at a time?