Malicious Challan App Fraud Linked to 94 Cases Nationwide

Malicious ‘Challan’ APK Scam Nets ₹3 Crore: Three Members of Interstate Cyber Gang Arrested in Ghaziabad

The420 Correspondent
Ghaziabad: An interstate cyber fraud syndicate that allegedly duped unsuspecting citizens of nearly ₹3 crore by sending malicious Android Package Kit (APK) files disguised as traffic challans and bank notices has been busted, with three accused arrested. Investigators say the gang is linked to at least 94 cyber fraud cases registered across 16 states.

The arrested accused have been identified as Pintu, Adarsh, and Prashant, residents of Bihar and Jharkhand. According to preliminary findings, the trio circulated malicious APK files to victims’ mobile phones, camouflaging them as traffic e-challans, RTO notices, banking alerts, or legitimate mobile applications. The links were primarily shared via messaging platforms, prompting recipients to download and install the files.

The moment a victim installed the APK file, their mobile device was compromised. The accused allegedly gained access to sensitive information stored on the phone, including banking credentials, OTPs, contact lists, and other personal data. Using the stolen information, they siphoned money from victims’ bank accounts into pre-arranged accounts before withdrawing or rerouting the funds to erase the digital trail.

Investigators revealed that the gang operated in a calculated and decentralised manner. By targeting victims across multiple states, they ensured that complaints were scattered geographically, reducing the likelihood of immediate detection. The use of layered bank accounts and staggered fund transfers made it difficult to trace the final destination of the stolen money.

During the operation, authorities seized 12 mobile phones allegedly used in executing the fraud, along with two laptops, eight SIM cards, and a car suspected to have been used in coordinating the activities. The electronic devices have been sent for forensic examination to determine the full extent of the fraud and identify additional victims or collaborators.

Sources indicated that during preliminary questioning, it emerged that the accused relied heavily on social engineering tactics. Messages were carefully crafted to create urgency and fear. Alerts such as “Your traffic challan is pending,” “Your bank account will be blocked,” or “Update KYC immediately” were designed to prompt immediate action from recipients without verification.

A detailed review of the 94 cases registered across 16 states is currently underway. Authorities are analysing complaint patterns to ascertain whether the trio was operating independently or as part of a larger cybercrime syndicate. The possibility of additional arrests has not been ruled out.

Cybersecurity experts have cautioned that fraud involving malicious APK files has seen a sharp rise in recent months. Downloading applications from unknown sources or clicking on suspicious links can expose users to severe financial risks. Citizens have been advised to install apps only from authorised app stores and verify any official communication directly through legitimate websites or helpline numbers.

A case has been registered under relevant legal provisions, and further investigation is ongoing. Based on digital evidence recovered so far, investigators are assessing whether the total fraud amount could exceed ₹3 crore. Authorities believe that deeper scrutiny of seized devices may lead to further revelations about the scale and operational structure of the network.

About the author — Suvedita Nath is a science student with a growing interest in cybercrime and digital safety. She writes on online activity, cyber threats, and technology-driven risks. Her work focuses on clarity, accuracy, and public awareness.
