Ahmedabad, June 25: The Ahmedabad Cyber Crime Branch has dismantled a significant cyber fraud ring, arresting three suspects linked to the Giridih-Jamtara region of Jharkhand. These individuals allegedly created and distributed dangerous Android Application Package (APK) files, enabling cybercriminals to hack into people’s mobile phones and siphon off funds from their bank accounts.
The arrested suspects include 28-year-old Purnanand alias Mukesh Tiwari from Giridih, 33-year-old Vikas Das, and 26-year-old Sitaram Nakul Mandal. Mukesh Tiwari, the main accused, was apprehended with the assistance of the Railway Protection Force (RPF) while on a moving train near Kishanganj.
The investigation commenced following a complaint from Naresh Sabnani, a resident of the Hansol area in Ahmedabad. The complainant received a WhatsApp message warning him about the disconnection of his gas connection, purportedly from a representative of Sabarmati Gas Limited. The message instructed him to contact an alleged official and download an application titled “Sabarmati Gas Bill Update.APK.”
According to police, after downloading the app, the complainant’s mobile phone was hacked, resulting in a fraudulent withdrawal of ₹6.68 lakh from his HDFC Bank account. The victim reported the incident to the 1930 Cyber Helpline and the Cyber Crime Police Station, prompting the investigation.
Dr. Lavina Sinha, Joint Commissioner of the Cyber Crime Branch, stated at a press conference that they reached the main accused through technical analysis and intelligence. The investigation revealed that Mukesh Tiwari was responsible for creating malicious APK files and selling them to cybercriminals nationwide via a Telegram bot.
The police reported that the Telegram bot offered various APK options. These fake apps were disguised under names like SBI KYC, Bank of India, Bank of Baroda, Axis Bank, Yes Bank, Union Bank, IndusInd Bank, RTO e-challan, electricity bill, and other services.
The investigation uncovered that the accused had created fraudulent APK files in the names of at least 18 banks. He sold subscriptions for these files at ₹12,000 per month, attracting 300 to 400 clients monthly, resulting in earnings of approximately ₹40 to ₹50 lakh.
Vikas Das is accused of delivering these APK files to buyers, receiving payments through SBI’s YONO Cash service, which allows cash withdrawals from ATMs without a debit card. He reportedly forwarded the remaining amount to Mukesh Tiwari after deducting his commission.
Sitaram Mandal was involved in providing APK files to other cybercriminals and gathering information related to debit and credit cards. The police noted that Mandal had previously participated in OTP scams to extract sensitive information.
Investigators found that these fraudulent apps were also sent under the guise of gas bill updates, bank KYC, electricity bills, customer service, government schemes, e-challans, and even wedding invitations. Once installed on a mobile device, these apps gained access to SMS, contact lists, call logs, notifications, and banking information.
Dr. Sinha explained that the infected APK files would automatically be sent to WhatsApp and Telegram groups, rapidly spreading to thousands of users.
The police seized various APK files prepared in the names of different banks and institutions, along with domains, servers, email accounts, and other technical evidence from the suspects.
So far, this gang has been linked to 12 complaints registered on the National Cyber Crime Reporting Portal and five FIRs filed in Ahmedabad, revealing fraud amounting to approximately ₹70 lakh. Authorities believe the gang’s operations extended across multiple states, and the investigation is ongoing.
The police urge the public to download apps only from official app stores, avoid installing APK files from unknown sources, refrain from sharing OTPs or banking information, and to report any suspicious APK downloads immediately to the 1930 helpline or the nearest police station.
–
Leave a Comment