In Prayagraj cyber probe, US tech firm suffers ₹1.17 Cr loss from 120,000+ suspicious API requests via Nepal-linked bots and VPNs. Ex-employee Shubham Shukla's last login traced here, fueling insider threat suspicions amid ongoing Dhoomanganj investigation.

Rising API Threats: Nepal Bots, Leaked Keys Hit US Tech with ₹1.17 Cr Damage

The420.in Staff

A serious cybercrime case has emerged in which a US-based technology company has suffered a major financial loss due to alleged unauthorized API access and possible insider involvement. The company has reportedly incurred a loss of around $141,467.80 (approximately ₹1.17 crore), following which an official complaint has been filed and investigation has been initiated at Dhoomanganj police station.

According to the complaint filed by the company’s authorized legal representative Mohammad Saeem, more than 120,000 suspicious API requests were recorded on the company’s servers over a span of two days—December 7 and 8, 2025. Although most of these requests failed, the unusually high volume created severe system strain, resulting in financial losses linked to usage-based billing and service consumption.

Bot Network Traced to Nepal IPs and Prayagraj Login

Preliminary cyber forensic analysis indicates that the entire activity was carried out using an automated bot network. Investigators have found that the traffic was routed through VPN infrastructure and IP addresses linked to Nepal, suggesting deliberate attempts to hide the real source of the attack.

A key breakthrough in the investigation is the trace of the last valid login session, which has been linked to Prayagraj. This development has significantly strengthened suspicions of possible insider involvement, as the login trail indicates access either from within the system or through compromised credentials.

Ex-Employee Shubham Shukla Emerges as Key Suspect

Adding another layer to the probe, certain suspicious IP ranges have reportedly been associated with a former employee of the company identified as Shubham Shukla. Investigators are now examining whether API keys, authentication tokens, or system credentials were misused or leaked internally, enabling external actors to execute the attack.

The company also reported repeated unauthorized API hits on third-party data platforms such as LexisNexis during the same timeframe. These repeated requests led to unexpectedly high billing charges, further escalating the overall financial damage. Cyber experts believe this pattern strongly indicates API abuse combined with bot-driven scraping attempts, potentially aimed at data extraction or financial exploitation through system overload.

Rising API Threats and Ongoing Probe

Cybersecurity specialists analyzing the case describe it as a coordinated attack involving both external bot networks and possible insider access. In such cases, attackers typically exploit stolen or leaked API keys to generate large-scale automated requests, which not only disrupt systems but also inflate operational costs significantly.

Experts note that API-based cyberattacks are rising rapidly due to increasing dependence on cloud infrastructure and third-party integrations. Weak authentication systems, poor access control, or lack of real-time monitoring can allow attackers to cause massive financial damage in a short period.

Authorities have registered a case against Shubham Shukla and begun a detailed investigation of server logs, authentication records, and IP trails. Cyber forensic teams are also probing whether any backdoors were created in the system or if privileged credentials were intentionally exposed.

Investigators are additionally analyzing VPN routes connected to Nepal to determine whether a larger organized cybercrime network is involved. The possibility of cross-border coordination is also being examined, given the complexity and scale of the attack pattern.

The incident highlights growing concerns around API security and insider threats in modern digital ecosystems. Experts stress that companies must adopt multi-layer authentication, continuous log monitoring, and strict access control policies to prevent such high-value cyber frauds.
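The "continuous log monitoring" the experts recommend can be made concrete with a small detector. The following Python script is an added example written for this article; it is not code from the company, the investigators, or The420.in. It assumes a simplified API access log format (timestamp, API key id, source IP, HTTP status, path) and constructs its own sample lines: one key behaving normally, and one key producing a burst of mostly failing calls from twenty addresses, the same shape of traffic the article describes. The thresholds (100 requests per five-minute window, more than half failing, or more than ten distinct source addresses) are illustrative assumptions, not figures from the case. It also reports the last successful request per key, which is the "last valid login" type of trace the investigators used to link activity to a location.

```python
"""Flag API keys whose traffic looks like bot-driven abuse, and record the
last successful request per key for forensic follow-up.

Added example, not taken from the article or any real system.  Log format
and detection thresholds are assumptions for illustration only."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Event:
    ts: datetime
    key_id: str
    src_ip: str
    status: int
    path: str


def parse_line(line: str) -> Event:
    """Parse one log line: '<iso-timestamp> <key-id> <src-ip> <status> <path>'."""
    ts, key_id, src_ip, status, path = line.split()
    # Accept a trailing 'Z' as well as an explicit '+00:00' offset.
    when = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    return Event(when, key_id, src_ip, int(status), path)


def build_sample_log() -> list[str]:
    """Constructed sample traffic (not real data).

    key-A: 30 ordinary successful calls from one address over ~5 minutes.
    key-B: 500 calls in ~200 seconds from 20 addresses, 90% of them 401s,
           which is the pattern of a bot hammering a leaked or revoked key."""
    base = datetime(2025, 12, 7, 10, 0, 0, tzinfo=timezone.utc)
    lines = []
    for i in range(30):
        t = base + timedelta(seconds=10 * i)
        lines.append(f"{t.isoformat()} key-A 203.0.113.10 200 /v1/search")
    for i in range(500):
        t = base + timedelta(milliseconds=400 * i)
        ip = f"198.51.100.{i % 20 + 1}"          # documentation range, constructed
        status = 200 if i % 10 == 0 else 401
        lines.append(f"{t.isoformat()} key-B {ip} {status} /v1/lookup")
    return lines


def detect_abuse(events, window=timedelta(minutes=5), max_requests=100,
                 max_failure_ratio=0.5, max_distinct_ips=10):
    """Bucket events per (key, fixed window) and flag buckets that are both
    high-volume and either mostly failing or spread across many addresses.
    Threshold values are assumptions for this example."""
    win = int(window.total_seconds())
    buckets = defaultdict(list)
    for e in events:
        slot = int(e.ts.timestamp()) // win * win      # integer window start
        start = datetime.fromtimestamp(slot, tz=timezone.utc)
        buckets[(e.key_id, start)].append(e)

    findings = []
    for (key_id, start), evs in sorted(buckets.items()):
        total = len(evs)
        failed = sum(1 for e in evs if e.status >= 400)
        ips = {e.src_ip for e in evs}
        ratio = failed / total
        if total > max_requests and (ratio > max_failure_ratio or len(ips) > max_distinct_ips):
            findings.append({
                "key_id": key_id,
                "window_start": start,
                "requests": total,
                "failure_ratio": round(ratio, 2),
                "distinct_ips": len(ips),
            })
    return findings


def last_valid_access(events) -> dict[str, tuple[datetime, str]]:
    """For each key, the timestamp and source address of its most recent
    successful (non-4xx/5xx) request: the starting point for tracing who
    last held a working credential."""
    last = {}
    for e in events:
        if e.status < 400 and (e.key_id not in last or e.ts > last[e.key_id][0]):
            last[e.key_id] = (e.ts, e.src_ip)
    return last


def run_demo():
    events = [parse_line(line) for line in build_sample_log()]
    return detect_abuse(events), last_valid_access(events)


if __name__ == "__main__":
    findings, last = run_demo()
    for f in findings:
        print("ABUSE:", f)
    for key_id, (ts, ip) in sorted(last.items()):
        print(f"last valid access for {key_id}: {ts.isoformat()} from {ip}")
```

On the constructed sample, key-A is never flagged while key-B is reported once with 500 requests, a 0.90 failure ratio and 20 distinct addresses. In a real deployment the same logic would run over the gateway's access logs on a schedule and feed an alert or an automatic key revocation; the failure-ratio signal matters because, as in this case, the requests that fail still consume capacity and usage-billed upstream calls.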

The investigation remains ongoing, and agencies are working to map the complete digital network behind the attack and identify all individuals involved.

About the author – Ayesha Aayat is a law student and contributor covering cybercrime, online frauds, and digital safety concerns. Her writing aims to raise awareness about evolving cyber threats and legal responses.
