BlockBeats news, on April 16th, according to Yuntiao, from March to May 2023, three front-end development engineers, Liu, Zhang1, and Dong2, conspired to illegally obtain others' digital wallet private keys, mnemonic words, and other data by embedding a "backdoor" in the iToken APP application package in advance, and uploaded them to the database of the pre built VPS backend server corresponding to the specified domain name, and then downloaded them to the local server. After identification, a total of 27622 mnemonic words and 10203 private keys were illegally obtained (all of which have been deduplicated). The above-mentioned mnemonic words and private keys were successfully converted into 19487 digital wallet addresses (deduplicated). Liu is responsible for writing the code for the request logic; Zhang is responsible for setting up VPS and database, as well as uploading iToken to Android; Dong is responsible for purchasing domain names, encrypting user private keys, and uploading iTokenIOS.
After the defendants Liu, Zhang, and Dong all confessed to the above-mentioned criminal facts. The court held that the defendants Liu, Zhang1, and Dong conspired to illegally obtain computer information system data through other technical means in violation of national regulations. The circumstances were particularly serious, and their actions constituted the crime of illegally obtaining computer information system data and should be punished. The prosecution found the charges guilty. All three defendants were sentenced to three years in prison and fined RMB 30000 for illegally obtaining computer information system data. The defendants Liu, Zhang, and Dong are prohibited from engaging in network security management, network operations, and related work for three years from the date of completion of their sentence.
