LUCKNOW, INDIA —An international cybercrime network with Chinese links has been exposed in the heart of Uttar Pradesh, as the Lucknow Cyber Crime Police announced the arrest of eight young men accused of duping victims across at least six Indian states. The suspects, all under the age of 29, allegedly acted as operatives for Chinese cybercriminals orchestrating sophisticated frauds via Telegram channels and laundering proceeds using the cryptocurrency Tether (USDT).
The scam, authorities said, preyed on the financially desperate offering false hope through fraudulent investment, online trading, and work-from-home job schemes. The racket has reportedly siphoned off ₹1.77 crore from victims spanning states such as Haryana, Assam, Tamil Nadu, Maharashtra, Karnataka, and Uttar Pradesh.
Digital Puppets and Decentralised Paydays
According to DCP-Crime Kamlesh Dixit, the operatives received their orders through Telegram groups such as “32-105/1” and “PAYGir G0!” where they were tasked with creating local bank accounts under fake or manipulated identities. “The accused lured individuals from economically weaker backgrounds to open bank accounts in exchange for cash or commissions,” Dixit said.
Once opened, these accounts were commandeered by the syndicate to funnel money collected through fake job listings, task-based scam apps, and phony online trading platforms. The accused would often withdraw the deposited funds in small amounts to avoid detection and immediately convert the rest into USDT cryptocurrency units that were sent to digital wallets controlled by handlers in China.
The cybercriminals thus used a potent cocktail of social engineering and decentralized finance to remain hidden. SHO Brijesh Yadav from the Cyber Crime Police Station said, “By the time complaints were filed, the money was already out of reach withdrawn in cash or sent abroad via crypto channels.”
Trail of Tether: Cryptocurrency Hides the Crime
The bust was the result of a sustained surveillance and forensic operation. On July 16, a joint team of the Cyber Crime Cell and Cyber Crime Police Station raided multiple locations in Lucknow, arresting:
- Rahul Sonkar (22)
- Mohammad Salman (28)
- Devansh Shukla (19)
- Raj Rawat (21)
- Faizan (21)
- Mojiz (21)
- Ankit Yadav (22)
- Karan Rawat (19)
Authorities seized ₹1.75 lakh in cash, 12 smartphones, 13 debit cards, two passbooks, and three cheque books—many linked to fraudulent accounts now listed on the Cyber Crime Reporting Portal.
The registered FIR includes charges under Sections 317(2), 318(4), and 61(2)(B) of the Bharatiya Nyaya Sanhita (BNS), as well as Section 66C of the IT Act. These cover data theft, impersonation, and criminal conspiracy through digital means.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Cybersecurity officials believe this operation is only one node in a larger transnational network using Indian locals as foot soldiers. They warn that decentralized currencies and encrypted messaging platforms are making it harder to trace transactions especially when funds are quickly moved to offshore accounts or converted into stablecoins like USDT.
The Bigger Picture: A Warning for the Digital Economy
This case underscores the growing danger posed by international cyber syndicates using sophisticated tools and exploiting economic vulnerability. With Telegram-based coordination, decentralized crypto transactions, and multilingual operatives, these scams have become difficult to detect until after the damage is done.
Experts now urge stronger Know-Your-Customer (KYC) norms, AI-driven account monitoring systems, and cross-border coordination between Indian law enforcement and crypto-exchange regulators.
“This is digital exploitation of the worst kind,” a senior official remarked. “Our challenge is no longer just cybercrime, but transnational economic warfare disguised as opportunity.”
As investigations continue, authorities expect more arrests and are exploring international cooperation mechanisms to trace the handlers operating from China. The eight arrested operatives remain in custody as interrogations widen the net.