Hubei cybersecurity police received a Second Class Merit Award, solving the province’s first “hundred-million-yuan” virtual-coin theft case in 70 days

According to a report from Hubei Daily on April 27, police officer Guo Tingyu from the Cybersecurity Unit of the Qingshan District Public Security Branch in Wuhan recently received a personal Second-Class Merit Award. Guo Tingyu graduated from Huazhong University of Science and Technology majoring in computer science. In 2023, he passed the civil service exam and entered the police force. In early 2024, he took charge of what was reportedly the first virtual-currency theft case in Hubei Province. After nearly 70 days of investigation and breakthrough work, the case was solved, involving more than 8B yuan in funds. All five suspects were fully punished by law.

Hubei’s first virtual-currency theft case: solved in 70 days, with more than 100 million yuan involved

According to reports by Hubei Daily, in January 2024, the Qingshan District Branch in Wuhan received a report of a virtual-currency theft case. The victim downloaded a counterfeit virtual-currency wallet app, which led to the theft of virtual currency valued at more than 300,000 yuan. At the time the case occurred, there was still no experience in Hubei Province in investigating this type of case.

After Guo Tingyu took over the case, he launched analysis in three directions: the virtual-currency distribution address, the development back end of the counterfeit wallet app, and the flow of funds. He produced more than 20 mind maps for the case. Over nearly 70 days, he locked onto suspect Huang’s identity information from the app’s development code.

According to reports by Hubei Daily, the counterfeit virtual-currency wallet app developed by Huang’s group passed the review process in app stores and was promoted to lure users into downloading it. The cumulative number of downloads exceeded 10,000, and the funds involved were more than 100 million yuan; Huang and four other suspects were all punished by law. After the case was solved, the Hubei Provincial Public Security Department sent a congratulatory message, and the Wuhan Municipal Public Security Bureau issued a commendation order.

The 2025 ransomware case: recover 400 GB of core data in 8 hours

According to reports by Hubei Daily, on February 18, 2025, Wuhan Qingshan police received a report from a certain large equipment design company in its jurisdiction, stating that its servers had been attacked by ransomware and that, in nearly one year, more than 400 GB of core equipment design data had been encrypted, putting the company at risk of paying millions of yuan in breach penalties.

After Guo Tingyu arrived at the scene, he found a hidden backup on the disk and restored all core data through eight hours of continuous work. He then used server operation logs to identify and lock down the virus file, tracing the virus samples back to a foreign IP address. Afterward, the company presented Qingshan Public Security Branch with a banner of honor. The text reads, “Digital protectors break the ransomware maze, recovering losses of one million, demonstrating public security responsibility.”

Guo Tingyu’s law-enforcement record and personal background

According to reports by Hubei Daily, Guo Tingyu studied computer science at Huazhong University of Science and Technology for both his undergraduate and graduate programs. After graduating, he worked for a Wuhan branch of a Beijing internet company. In July 2023, he passed the civil service exam and formally joined the Qingshan District Public Security Branch in Wuhan. As of the time the report was published, he had participated in investigating 2 ministry-level cases under the public security system and 6 provincial-level cases, and he had continuously investigated more than ten cases involving virtual-currency-related crimes. He also participated in investigating an AI-related criminal case.

In an interview with Hubei Daily, Guo Tingyu said, “Any online crime leaves a trail. People working in technology should keep a sense of reverence for technology and not open Pandora’s box that turns technology to wrongdoing.”

Frequently Asked Questions

What is Guo Tingyu’s educational background and when did he join the police force?

According to a report from Hubei Daily on April 27, Guo Tingyu studied computer science at Huazhong University of Science and Technology for both his undergraduate and graduate programs. After graduating, he worked for a Wuhan branch of a Beijing internet company; in July 2023, he passed the civil service exam and formally joined the Qingshan District Public Security Branch in Wuhan.

What is the scope of involvement and the investigation result of Hubei’s first virtual-currency theft case?

According to reports by Hubei Daily, the counterfeit virtual-currency wallet app developed by suspects including Huang had a cumulative download count exceeding 10,000 times, with funds involved exceeding 100 million yuan; Guo Tingyu spent nearly 70 days investigating and breaking the case. All five suspects were captured and punished by law.

What was the response result for the 2025 corporate ransomware attack case?

According to reports by Hubei Daily, Guo Tingyu found a hidden backup on the company’s server disk involved in the case. Through eight hours of continuous work, he restored more than 400 GB of core data from more than one year, and he traced it to a foreign IP address. He helped the company avoid the risk of paying millions of yuan in breach penalties.