Chinese Student Charged for Running a Mass Smishing Campaign to Harvest Victims Personal Details

The investigation was conducted by the Dedicated Card and Payment Crime Unit (DCPCU), a specialist banking industry-sponsored police unit, working in collaboration with major mobile network operators including BT, Virgin Media O2, Vodafone Three, and Sky. Xiong’s operation employed a mobile SMS Blaster device transported in a Black Honda CR-V, enabling him to establish rogue base stations throughout the Greater London area. UK Finance analysts identified the sophisticated nature of the attack vector, noting that the mobile deployment strategy made traditional detection methods significantly more challenging than stationary fraud operations. Once connected, the system would inject fraudulent text messages directly into victims’ devices, bypassing traditional SMS filtering mechanisms employed by mobile network operators. The device generated amplified signals that appeared stronger than legitimate network infrastructure, effectively hijacking mobile device connections within approximately a one-kilometer radius. The equipment functioned as an illegitimate phone mast, broadcasting stronger signals than legitimate networks to force nearby mobile devices to connect to his malicious infrastructure. The malicious messages were crafted to impersonate trusted government bodies and legitimate organizations, containing embedded links that redirected victims to credential harvesting websites designed to steal personal and financial information. A sophisticated smishing operation targeting tens of thousands of potential victims across Greater London has resulted in the sentencing of Ruichen Xiong, a Chinese student, to over a year in prison at Inner London Crown Court. The case represents a significant escalation in mobile-based fraud tactics, utilizing advanced SMS blasting technology to conduct large-scale credential harvesting operations between March 22-27, 2025. This technique, known as a false base station attack, exploits the automatic network selection protocols inherent in mobile communication standards. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. This case highlights the evolving sophistication of mobile-based fraud operations and the critical importance of multi-stakeholder collaboration in combating such threats. Tushar is a Cyber security content editor with a passion for creating captivating and informative content.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 03 Jul 2025 07:50:13 +0000


Cyber News related to Chinese Student Charged for Running a Mass Smishing Campaign to Harvest Victims Personal Details

Chinese hacking documents offer glimpse into state surveillance - Chinese police are investigating an unauthorized and highly unusual online dump of documents from a private security contractor linked to the nation's top policing agency and other parts of its government - a trove that catalogs apparent hacking ...
1 year ago Apnews.com
Protecting Student Privacy Online - In the rapidly evolving world of online education, the protection of student privacy has emerged as a critical concern. This article delves into the privacy risks associated with online education and highlights the significance of complying with ...
1 year ago Securityzap.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
1 year ago Securityzap.com
Strategies for Securing Student Data in Cloud Services - This article addresses the strategies that educational organizations can employ to ensure the protection and confidentiality of student data in cloud services. Implementing strong access controls is crucial for ensuring the security of student data ...
1 year ago Securityzap.com
Securing Student Data in Cloud Services - In today's educational landscape, securing student data in cloud services is of utmost importance. One key aspect of securing student data in cloud services is ensuring proper data encryption. This article explores the various challenges and best ...
1 year ago Securityzap.com
Uncovering Chinas Surveillance of the United States Spies Hackers and Informants - Last week, a Chinese surveillance balloon in the United States caused a diplomatic uproar and raised concerns about how Beijing collects intelligence on its biggest rival. FBI Director Christopher Wray said in 2020 that Chinese spying is the most ...
2 years ago Securityweek.com Silence
Chinese Student Charged for Running a Mass Smishing Campaign to Harvest Victims Personal Details - The investigation was conducted by the Dedicated Card and Payment Crime Unit (DCPCU), a specialist banking industry-sponsored police unit, working in collaboration with major mobile network operators including BT, Virgin Media O2, Vodafone Three, and ...
5 days ago Cybersecuritynews.com
The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying. - Spying and surveillance are different but related things. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did. Putting someone ...
1 year ago Schneier.com
Threat Actors Leveraging Toll Payment Services in Massive Hacking Attack - The attackers have demonstrated remarkable sophistication in their ability to spoof official toll service communications, making it exceptionally difficult for average consumers to distinguish between legitimate messages and fraudulent ones. At the ...
3 months ago Cybersecuritynews.com
Privacy Policy 2024 - Personal information is any information that identifies you or would enable someone to contact you, which may include your name, email address, phone number and other non-public information that is associated with such information. Information We ...
1 year ago Bitsight.com
IT-Harvest Reaches Milestone With Ingestion of 10K Cybersecurity Products Into Dashboard - PRESS RELEASE. BIRMINGHAM, Mich., March 11, 2024/PRNewswire/ - IT-Harvest, the only provider of comprehensive cybersecurity industry data, is thrilled to announce a significant milestone in its journey. IT-Harvest's industry Dashboard, the company's ...
1 year ago Darkreading.com
Cybersecurity Crisis Looms: FBI Chief Unveils Chinese Hackers' Plan to Target US Infrastructure - As the head of the FBI pointed out Wednesday, Beijing was positioning itself to disrupt the daily lives of Americans if there was ever a war between the United States and China if it were to plant malware to damage civilian infrastructure. U.S. ...
1 year ago Cysecurity.news Volt Typhoon
Smishing: SMS Phishing Attacks And How to Thwart Them - Smishing is a fast growing version of one of the most established and lucrative scams on the internet. Smishing, like other forms of phishing, aims to trick you into revealing sensitive data and information; however, instead of email, cybercriminals ...
1 year ago Cysecurity.news
Schneier on Security - Spying and surveillance are different but related things. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did. Putting someone ...
1 year ago Schneier.com
Beware of $5 SMS Phishing Attack Targeting Toll Road Users - A widespread and ongoing SMS phishing (smishing) campaign targeting toll road users across the United States has been identified, posing a significant threat to motorists’ financial security. Since mid-October 2024, cybercriminals have been ...
2 months ago Cybersecuritynews.com
China's Dogged Campaign to Portray Itself as Victim of US Hacking - For more than two years, China's government has been attempting to portray the US as indulging in the same kind of cyber espionage and intrusion activities as the latter has accused of carrying out over the past several years. A recent examination of ...
1 year ago Darkreading.com Volt Typhoon
New Chinese Smishing Kit Dubbed 'Panda Shop' Steal Google, Apple Pay & Credit Card Details - A sophisticated new smishing kit dubbed “Panda Shop” has emerged from China, enabling cybercriminals to steal financial data including Google Pay, Apple Pay, and credit card details. The kit also supports OTP (One-Time Password) ...
2 months ago Cybersecuritynews.com
Canada says China-linked information campaign spreading false narratives about prime minister | The Record from Recorded Future News - Ottawa officials said in a report Monday that the campaign centers around a popular anonymous news account called Youli-Youmia, which is linked to a Chinese state agency responsible for policing, intelligence and internal security. A China-linked ...
2 months ago Therecord.media
DHS and FBI: Chinese Drones Pose Major Threat to U.S. Security - The cybersecurity arm of the Department of Homeland Security and the Federal Bureau of Investigation have jointly issued a public service announcement cautioning about the potential risks posed by Chinese-manufactured drones to critical ...
1 year ago Cysecurity.news
Smishing Triad Targets UAE Residents in Identity Theft Campaign - Security researchers have observed a new fraudulent campaign orchestrated by the Smishing Triad gang and impersonating the United Arab Emirates Federal Authority for Identity and Citizenship. Operating through malicious SMS messages that claim to be ...
1 year ago Infosecurity-magazine.com
7 Months Inside an Online Scam Labor Camp - He had been kidnapped and forced to work for an abusive online scam operation. A man was abducted by a Chinese gang and forced to work in a scam operation. More than anything else, Neo Lu, a 28-year-old Chinese office worker, believed the gig would ...
1 year ago Nytimes.com
CVE-2008-7092 - Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a ...
7 years ago
Chinese Agent Impersonates as Stanford Student For Intelligence Gathering - According to experts consulted during the investigation, Chen was “likely an agent of the Chinese Ministry of State Security (MSS), tasked with identifying sympathetic Stanford students and gathering intelligence”. The agent, operating ...
1 month ago Cybersecuritynews.com
Belgium probes if Chinese hackers breached its intelligence service - According to The Brussels Times, the hacked server also routed internal HR exchanges among Belgian intelligence personnel, raising concerns about the potential exposure of sensitive personal data including identity documents and CVs belonging to ...
4 months ago Bleepingcomputer.com APT3 APT30 GALLIUM
Taiwan charges Chinese ship captain with breaking subsea cables | The Record from Recorded Future News - Although Taiwan has been claimed by Beijing since the conclusion of the Chinese Civil War in 1949, it has been a self-governing territory throughout that period — moving from being a military dictatorship to becoming a multi-party democracy in the ...
2 months ago Therecord.media

Latest Cyber News


Cyber Trends (last 7 days)