Programmer Steals $1 Million Exploiting a Major ATM Loophole

Hua Xia, the renowned Bank of China recently uncovered a fraud committed by their former manager, Qin Qisheng. The fraud made the bank lose a sum of $1 million (i.e 7 million yuan) without any trace leaving on their system.

According to the report, the bank’s system didn’t record the withdrawals made around midnight. This means even after withdrawing money the total balance remains unchanged during those hours. Generally, such a situation raises an alert alarm showing a message “The Transaction has failed ”, however Qin entered scripts into the banking system to suppress those alerts.

The 43-year-old Qin Qisheng managed to exploit the loophole to withdraw a sum of 7 million yuan from ATMs operated by the bank making nearly over 1,358 transactions, starting in November 2016 up to January 2018 when the bank uncovered the fraud and the loophole in their system, handing over Qisheng to the authorities for necessary trials.


Qin reportedly told the authorities that he was only doing an internal security check for the bank and was withdrawing money only to return it back to the bank, surprisingly the bank authenticated the story of Qin and agreed that it was an internal security check that the bank asked Qin to conduct. The bank also didn’t want to press any charges against Qin after he returns the money, maybe fearing the bad publicity of the bank.

The court, however, refused to drop the case because they had found evidence of Qin investing the money in stocks and keeping the withdrawn money in his personal account rather than keeping it in bank’s dummy account. The court imposed a fine of 11000 yuan and announced a sentence of 10 and a half years of prison time to the convict.