Fast food chain KFC has been on the news in China for the past few days. And for a very specific reason, since Chinese students ended up in jail at the end of the story. The reason: the exploitation of a computer vulnerability.
A bug in a messaging application
You could say that KFC was plucked. A student named Xu realized that by paying for his order in vouchers, he could get an instant refund even though he hadn’t paid anything. He used the coupons in the restaurant chain’s app and then requested a refund by switching to the WeChat instant messaging platform, explains the Daily Mail. However, seeing the financial opportunity presented, he informed four of his classmates and they started a lucrative business that was obviously illegal. They resold orders to people around them at low prices. In the face of an unbeatable bill, they quickly found success with others. However, after six months the small gang was (also) noticed and exposed.
The prison is closed and fined
In fact, between April and October 2018, they raised no less than $ 25,000, which equates to € 20,000. However, the police discovered the deception and the five people ended up in the Chinese judiciary, known for its severity. On May 11, the Shanghai court sentenced Xu to two years’ imprisonment and a fine of 700 euros. His comrades are sentenced to between 13 and 24 months in prison and fines of 135 to 500 euros. In China, the sanctions are heavily criticized on social networks because they are considered too severe compared to the seriousness of the facts ascertained.