Fake APK Used to Hack Phones and Empty Bank Accounts: Delhi Cyber Gang Busted

The420.in Staff

In a significant breakthrough against rising cybercrime in the national capital, Delhi Police have busted an organised cyber fraud gang that used fake APK files to gain remote access to victims’ mobile phones and drain their bank accounts. The mastermind of the racket, along with one associate, has been arrested, exposing a wide digital fraud network operating across multiple states.

According to police officials, the gang operated in a highly structured manner and was capable of bypassing basic security systems used in smartphones. The mastermind was arrested from Uttar Pradesh’s Deoria district, while his associate was apprehended from Gorakhpur. Together, they were running a coordinated cyber fraud operation targeting victims across the country.

Investigators revealed that the accused impersonated customer care representatives or bank officials over phone calls. Victims were then sent a malicious APK file named “Customer Care Support” through WhatsApp or other messaging platforms and were persuaded to install it on their devices. Once installed, the app granted complete remote access to the victim’s phone, enabling the accused to control banking apps, OTP messages, and digital wallets, eventually siphoning money from their accounts.

Police said the mastermind, Abhay Sahni, is an eighth-grade dropout who learned hacking techniques through YouTube tutorials and Telegram groups. He created modified APK files and distributed them through Telegram channels, selling them to cyber fraudsters across India in exchange for money.

The second arrested accused, Umesh Kumar Rajak, allegedly purchased these APK files and used them to carry out fraud. In one case, he reportedly cheated a victim of ₹1,20,999 by posing as a power utility representative and threatening to disconnect electricity if immediate payment was not made.

Investigations further revealed that the gang used advanced techniques to evade detection. The malware-laced applications were designed to bypass standard antivirus software and mobile security systems, making it difficult for users to detect any suspicious activity on their devices.

The accused were reportedly selling these malicious applications through Telegram for around ₹4,000 per file and also provided technical support to buyers. Police estimates suggest that the mastermind alone had sold 40 to 50 such APKs and personally defrauded 20 to 25 individuals.

Police also made a major recovery during the operation, seizing 11 smartphones, 11 debit cards, eight SIM cards, one crypto hardware wallet, and a car. The crypto wallet is currently under forensic examination to determine whether digital assets were used to hide or transfer illicit proceeds.

Authorities are also investigating possible links of the gang with other cybercriminal networks operating in different states and potentially overseas. Officials believe the racket may be part of a larger ecosystem of cyber fraud operations leveraging social engineering and mobile-based malware.

Police officials stated that the case highlights the evolving nature of cybercrime, where criminals are increasingly using sophisticated digital tools to exploit unsuspecting users. The investigation is ongoing, and efforts are underway to identify and arrest other members connected to the network.
