The young Russian from the city of Kazan recently discovered an interesting bug in the Ak Bars mobile banking application. He probably accidentally transferred a certain amount of money from a bookmaker account to his blocked card. And then he noticed that although the bank rejected the operation, returning the amount back to the bookmaker, this money still appeared on the guy’s card, though on another, unlotted. That is, he could use the means credited: transfer them and remove from the card.
It is not clear what this bug was connected with, but the young man decided to once again not understand his reasons, and quickly earn money on the identified lack of security. Further, the man only was engaged in repeating the procedure for transferring money from the account of the bookmaker to a blocked card. Having a very small amount at his disposal, the young man managed to perform 30 thousand of the same operations in 10 days and increase his capital by 68 million rubles.
However, the happiness of the “novice entrepreneur” did not last long, as the bank employees discovered its manipulations and blocked the account. Nevertheless, the man managed to withdraw a solid part of the funds in the form of cash, bought himself a car and disappeared in an unknown direction. Police officers are already notified of his financial crime and are actively looking for a fraudster.
This case clearly shows how even an insignificant software error in the hands of a fairly entrepreneurial and persistent person can cause millions of losses to large companies.