In a major nationwide cybercrime crackdown, Hyderabad City Police have arrested 52 individuals, including 32 bank officials, under “Operation Octopus 2.0”, exposing a large organised fraud network operating across multiple states. The coordinated action, carried out over seven days across nine states, has revealed deep involvement of banking personnel, mule account holders and intermediaries in facilitating large-scale cyber frauds.
According to officials, the arrested persons include 32 bank employees, 15 mule account holders, and 5 middlemen who allegedly played a key role in opening and operating bank accounts used for routing illicit funds. The operation was led by senior cybercrime officers, with multiple special teams deployed simultaneously across Maharashtra, Delhi, Rajasthan, West Bengal, Karnataka, Gujarat, Andhra Pradesh, Telangana and Bihar.
Investigators stated that the network was linked to nearly 850 cybercrime cases across India, with fraudulent transactions estimated at around ₹150 crore. These cases include investment scams, trading frauds, and so-called “digital arrest” scams, where victims are coerced through intimidation tactics into transferring money to fraud accounts.
FCRF Returns With CDPO, Its Premier Data Protection Certification for Privacy Professionals
Mule Accounts and Bank Staff Involvement
Police findings revealed that nearly 350 bank accounts were used to siphon and circulate illicit funds. A significant concern raised in the investigation is the alleged role of bank officials in bypassing standard Know Your Customer (KYC) norms and due diligence procedures to facilitate the opening of mule accounts. These accounts were later used to layer and transfer fraudulent money, making it difficult to trace the original source.
Among those arrested are employees from several private sector banks, including IndusInd Bank, Bandhan Bank, Bank of Baroda, Federal Bank, IDFC First Bank, Karnataka Bank, Karur Vysya Bank, AU Small Finance Bank, Equitas Small Finance Bank and HDFC Bank. The accused include branch managers, relationship managers, KYC verification officers, field officers, and clerical staff.
Ecosystem of Fraudsters and Shell Firms
Investigators said mule account holders knowingly provided their bank accounts for use in illegal transactions in exchange for monetary benefits. Middlemen allegedly acted as facilitators, sourcing these accounts from individuals and supplying them to higher-level operatives within the cybercrime ecosystem.
During searches conducted as part of the operation, police recovered 26 mobile phones, 14 cheque books, two pen drives, a laptop, and 21 stamps linked to shell companies. Officials said these materials indicate a structured system involving digital tools and fake corporate identities used to legitimise fraudulent transactions.
Organised Network, Systemic Threat
Hyderabad Police Commissioner V.C. Sajjanar stated that strict action will be taken against all individuals involved, including banking personnel who violated compliance norms. He emphasised that the investigation is ongoing and more arrests are likely as financial trails and digital evidence are further analysed.
Preliminary analysis suggests that the fraud network operated in a highly coordinated manner, with different roles assigned to different actors—bank officials facilitating account creation, middlemen sourcing accounts, and mule account holders executing transactions. The use of multiple layers of accounts helped conceal the money trail and delay detection by enforcement agencies.
Officials noted that the scale and spread of the operation highlight a growing threat in the digital banking ecosystem, where internal access and procedural lapses are being exploited by organised cybercrime groups. The involvement of trained banking staff has particularly raised concerns about systemic vulnerabilities.
The crackdown has also triggered fresh scrutiny of compliance mechanisms in financial institutions, especially in relation to account verification and transaction monitoring. Cybercrime experts believe that stricter internal audits and real-time monitoring systems are urgently needed to prevent similar networks from operating in the future.
Authorities have urged citizens to remain vigilant against cyber fraud schemes and warned against allowing their bank accounts to be used by others. They also reiterated that individuals must not share banking credentials or allow third parties to operate their accounts under any circumstances.
Further investigation is underway to identify additional links in the network, trace remaining funds, and determine whether more banks or financial institutions were involved in facilitating the fraud.
About the author – Ayesha Aayat is a law student and contributor covering cybercrime, online frauds, and digital safety concerns. Her writing aims to raise awareness about evolving cyber threats and legal responses.
