(Yicai Global) June 28 -- Chinese tech giant Tencent Holdings Group has reported a large-scale hacking operation to access users' QQ social media accounts via fake QR codes.

The stolen accounts were used by a criminal gang to disseminate pornographic images and advertisements, the Shenzhen-based firm said in a statement on Weibo yesterday.

On June 26, some QQ users reported that their accounts had been hacked. Tencent's cybersecurity team discovered that the users had scanned forged QR codes to log in.

Most of the logins were on Tencent's gaming platform WeGame, Yicai Global learned. The operator of several social media applications such as WeChat and QQ allows users to use their mobile applications to access an array of different apps.

Launched in 1999, QQ once was China's most popular instant messaging software but it was later replaced by WeChat. QQ's number of monthly active users fell 7 percent to 563.8 million as of March 31, 2022, from a year earlier, according to Tencent. Meanwhile, WeChat's MAU climbed almost 4 percent to nearly 1.3 billion.

The old platform has had its share of cybercrime in recent years. Tencent's open ecology which allows users to move seamlessly between different platforms provides a loophole for criminals, a security expert told Yicai Global.

Privacy issues are becoming common. It is extremely difficult to completely eradicate the complete shadow economy chain of account hacking, abuse, and transactions, said Wang Liejun, head of cybersecurity firm Qi An Xin Technology Group's threat intelligence arm.

Hacking tools have become increasingly accessible with the development of the underground economy so even people who barely have hacking skills can launch high-quality attacks by purchasing tools, Wang added.

To prevent such incidents, enterprises should systematically deploy appropriate security equipment, develop account security rules, and require users to regularly change their passwords, said Wang. Moreover, companies should organize cybersecurity drills to help raise employees' security awareness, he added.

Tencent is strengthening its oversight. In the first quarter of this year, QQ's security team cracked cases of more than five million accounts involved in fraud, gambling, and pornography, according to the platform.

Editors: Dou Shicong, Emmi Laine, Xiao Yi