China continues Pig-Butchering Crack-down
2023-12-2 20:45:0 Author: securityboulevard.com(查看原文) 阅读量:5 收藏

One of my techniques for keeping current on Cybercrime trends is having an “interesting” collection of international news ticklers. This story came to me via X:CyberScamMonitor via a QQ account called “onCambodia.” @CyberScamMonitor is a Twitter/X account and Substack account dedicated to tracking online scam and gambling operations in Southeast Asia and documenting human trafficking and human rights abuses. Great work and a strong recommendation to follow if you wish to learn more about the links between #CryptoScams and #PigButchering.

I apologize to the original journalist as I have been unable so far to find the original to give them full credit. For reference, the Chinese article I refer to provides the source as 来源:鲁中晨报 (Source: Luzhong Morning News). The headline is: “Chinese woman was arrested after returning to China! Uncovering the financial backers of a fraud syndicate in Sihanoukville.” If anyone has a link to the Luzhong Morning News version, please comment and I will update! This post is mostly just a retelling of their story in English!

The story told, in my opinion, should have the headline “Diligent Police Task Force won’t stop tracking Fraudsters!” This story features the Yiyuan County Police who started with a telecom fraud case in their jurisdiction and followed it until they had wrapped up the entire organization and seized 200 million yuan from the criminals, 1/4th of it in cash, but also in real estate, luxury cars, watches, and liquour. That’s over $28 Million USD! The case started with a local business who found that one of their employees had sent out 38 million yuan in just a few days. The employee was being extorted after installing a porn-dating app on his phone — when the criminals learned where he worked they demanded that he send money from his company as well. 

 The case was taken up by the “3.01” Task Force. Yiyuan County is administered as part of Zibo City in Shandong Province of China. Police officers from county, city, and provincial level work together on the 3.01 Task Force.  (Shandong is in the east of China, across the Yellow Sea from South Korea.) The deputy magistrate of Yiyuan, Zhang Xiuguang (张秀光), takes an approach to cybercrime that reminds me of the work of the Garda National Economic Crimes Bureau in Ireland!  Zhang says “Since we established the task force, we have firmly believed that we must recover the losses and hit the core.  From catching the first culprit, we will not withdraw our troops until the case is solved!”

The case dragged on at a very slow pace, Yiyuan deputy director of public safety Ma Wencheng (马文成) described it as involving the tracing of funds from thousands of accounts and peeling back each account like peeling layers from bamboo shoots. Even with a 100 person task force, very little progress was being made, but that changed with a key arrest on 31AUG2022. The key piece of evidence as a suspicious mobile phone number. Among all of the hundreds of thousands of scraps of evidence, there was a telephone number belonging to a woman in Cambodia. Recognizing that Cambodia is the home of many telecom fraud rings, the head analyst for the task force, Lu Lu, focused on the owner of that number. The decision was made to wait for her to return to China. The police have assigned this key figure the alias Xie Xiaofang. When they learned that Xie was returning to China, the task force rushed to Zhengzhou in Henan Province and arrested her as she was leaving quarantine.

As she was questioned, Xie Xiaofang revealed that her #PigButchering group was based in the Chinatown setion of Sihanoukville, Cambodia. Her job within the organization was laundering the money, but she claimed despite her key role, she only knew middle managers in the gang, and then only by alias. The 3.01 Task Force team began tracking each person traveling to China from Sihanoukville and asking Xie Xiaofang to identify them. Within a few weeks, they had mapped out the leadership of the organization. On 17SEP2022, the team traveled to Jiangxi, Yunnan, Fujian, and other places, arresting two more key members and seven others, followed in quick succession by dozens more, eventually totaling 135 arrests. At this point, the Shandong Provincial Public Security Department thought it was time to reward their team.  The photo below shows the public ceremony where all of the local dignitaries publicly praised the work of the 3.01 Task Force, who had at this point seized 8.5 million yuan (about $1.1 million) and had key leaders of the gang in custody. 

(source: https://zibo.sdchina.com/show/4733923.html ) 

But the team was not done yet. As they interrogated those who had been arrested so far, they realized that there was still a bigger boss. The police assigned him the alias Tang Xiaowei, but they were cautioned by their current detainees that this guy has a “very strong sense of anti-reconnaissance.” He only uses cash. He doesn’t use mobile phones. He doesn’t use credit cards.  He doesn’t have a fixed address. But he was known to have a favorite place in Xiamen.  The head analyst, Lu Lu, however, believed that Tang would know about the arrests and would be looking for a way to get out of the country safely, and in the mountains of evidence, Lu Lu believed there was a clue to his exit point. Someone under their surveillance had arranged for a large party in “an Internet celebrity hotel” in Guilin, Guangxi. Lu Lu was confident this would be for Tang. 

Speeding down the highway for nearly 1200 miles with members of the 3.01 task force, Lu Lu’s vehicle fell into a pit related to some road construction, but they acquired another vehicle and continued on through the night. They arrived just in time to arrest Tang and his closest associates!  It turned out that Tang and his gang were leaving for the coast that morning where a boat was waiting to smuggle them out of the country and back to Cambodia!  They had the actual top kingpin in their hands and now they could finally pull apart the entire organization.  

Based on the information they acquired, additional arrest teams were sent to Beijing, Shanghai, Tianjin, Guangxi, Hebei, Henan, Guizhou and other cities where 18 teams assigned to different roles for the organization were arrested.  Three technical teams, 1 “payment on behalf” gang, and 14 “point running” gangs totaling 197 additional criminal suspects.  Boxes and suitcases loaded with cash were seized.

While the case that started with the Yiyuan County Police investigating one employee who seemed to be embezzling funds, it led to 38 million yuan ($5.3 million USD) being returned to citizens in Yiyuan and Zibo City and has spawned countless additional investigations as the national and international connections are still being traced. 

This is what COULD happen if we follow the model of the brave Yiyuan Police (the same model which the Garda National Economic Crime Bureaus follows!)  DON’T STOP.  DON’T take your local arrests and be happy with them.  FOLLOW EVERY LEAD.  

We’ll close with this quote from Zhang Xiuguan … 

“No matter how far you run, the Yiyuan police are not afraid of hardships and dangers.  They will catch you no matter how far you go!” 

*** This is a Security Bloggers Network syndicated blog from CyberCrime & Doing Time authored by Gary Warner. Read the original post at: https://garwarner.blogspot.com/2023/12/china-continues-pig-butchering-crack.html


文章来源: https://securityboulevard.com/2023/12/china-continues-pig-butchering-crack-down/
如有侵权请联系:admin#unsafe.sh