Chinese national arrested in HCMC for operating rogue telecom stations to facilitate scams

Police in Ho Chi Minh City's District 10 have arrested a Chinese man and two accomplices for allegedly operating illegal base transceiver stations (BTS) to spread spam messages throughout the area. The arrests followed an investigation into illegal BTS activities linked to scams involving criminals from China and Chinese Vietnamese individuals.

The suspects, identified as Wu CongMing, 56, Thoi Vi Quoc, 36, and Phung Lac Tong, 37, are being investigated for unauthorized access to computer networks, telecommunications systems, and electronic devices.

According to the police, Wu, a Chinese national, was contacted in June by individuals from Hong Kong who arranged for the deployment of devices disguised as BTS units. These devices were used to send spam messages promoting online gambling to mobile phones in the area. The Hong Kong contacts provided the equipment and instructed Wu to hire Tong and Quoc to transport the devices across various parts of the city. The group communicated via WhatsApp.

In late July, the devices were delivered to Wu's residence in Ho Chi Minh City's Binh Tan District. Over the following week, Tong conducted tests by driving a car equipped with the devices through multiple streets, reporting the results back to the WhatsApp group.

The operation was uncovered in early August when Tong was apprehended by police while driving in District 10. Authorities have accused Wu, Quoc, and Tong of assisting the Hong Kong suspects in disrupting legitimate BTS signals, which prevented mobile phones from sending texts or making calls normally. This interference reportedly caused significant revenue losses for telecommunications providers.

The Authority of Information Security noted that a fake BTS device, which can be as large as a suitcase, is capable of sending up to 70,000 messages per day. Many residents in Ho Chi Minh City have reported receiving spam messages related to online gambling and sex services, some of which impersonated official communications from banks. These messages often contained links intended to install malicious software on the recipient’s device.