ATM Loophole Let Programmer Withdraw $1 Million


It sounds like something straight out of a motion picture: an unsatisfied bank programmer finds the ideal plan for making an ATM spit out free cash.

In any case, obviously, this story is valid: The South China Morning Post and China’s Daily Economic News report that 43-year-old Qin Qisheng figured out how to withdraw more than 7 million Yuan (almost $1 million USD) from ATM (s) operated by his employer, Huaxia Bank — all by exposing a crazy loophole.

As indicated by the reports, the bank’s system didn’t legitimately record withdrawals made around midnight — viably spitting out without removing the total from a user’s account. Normally, that may send up a red flag that a transaction had failed, however, Qisheng supposedly inserted scripts into the system that suppressed those alerts.

Qisheng began pulling out cash in November 2016, yet it wasn’t until January 2018, about 1,358 withdrawals later, that the bank found the bad code in its system and brought him to the experts.

Maybe the most amazing piece of this story: the bank would not like to continue pressing charges once he’d returned the money. Possibly fearing the bad publicity (evidently the loophole has just been fixed), Huaxia Bank purportedly requested that police drop the case — supposedly tolerating Qisheng’s explanation that he was only testing the bank’s security and was holding onto the cash for the bank to reclaim. As one does.

The courts refused, however, and Qisheng is presently taking a look at 10 and a half years in jail subsequent to losing his appeal. They didn’t buy the argument, taking into account that he’d moved the money to his own personal account, rather than the bank’s dummy record, and had clearly been putting some in the stock market, as well.

We’ve seen some big, coordinated ATM heists as of late, and the FBI has cautioned of additional, yet it’s somewhat more amusing to imagine this one person setting aside his ill-gotten gains for a retirement like none other.


Please enter your comment!
Please enter your name here