Bengaluru: In a case that reveals the growing sophistication of India’s financial cybercrime networks, Bengaluru’s Central Crime Branch has uncovered a ₹47-crore hack on a private finance firm — a digital caper stretching from Belagavi to Dubai, Hong Kong, and Lithuania.
The Midnight Transfers That Triggered an Alarm
At 12:05 a.m. on October 6, a senior manager at Wisdom Finance Pvt. Ltd. noticed something unusual. Within two and a half hours, nearly ₹47 crore had vanished from the company’s accounts through a series of unauthorized online transactions.
The firm’s internal investigation quickly ruled out insider involvement: none of the transfers had originated from the company’s registered IPs. Instead, the digital footprints pointed to foreign servers, setting off one of the largest corporate cybercrime probes Bengaluru has seen in years.
Police Commissioner Seemant Kumar Singh called it “the first of its kind cracked by the CCB team,” confirming that the digital trail led to multiple countries — and that several key suspects were operating out of Dubai.
The First Firm to Assess Your DFIR Capability Maturity and Provide DFIR as a Service (DFIRaaS)
Tracing the Digital Trail: From Belagavi to Dubai
Investigators soon traced the suspicious IP addresses to Webyne Data Centre, whose rented infrastructure had been purchased by Ismail Rasheed Attar, 27, a high-school dropout working as a digital marketing executive in Belagavi. Attar was arrested after police discovered that his rented IPs were being used to mask the movements of funds siphoned from Wisdom Finance’s accounts.
Two alleged kingpins — believed to be controlling the operation from Dubai — reportedly rented five foreign servers and hired Hong Kong–based hackers. These hackers breached the finance company’s Application Programming Interface (API) layer, bypassed its authentication modules, and triggered hundreds of small, automated fund transfers.
By the time security teams detected the breach, 1,782 transactions had been executed across 656 bank accounts, many of them controlled by intermediaries paid small commissions to provide “mule” accounts.
The Plumber and the Proxy Firms
Among those arrested was Sanjay Patel, 43, a plumber from Udaipur, Rajasthan, who admitted to lending his bank account for commission. One of the flagged transfers — ₹27.39 lakh — had landed in his State Bank of India account.
In another strand of the trail, investigators found that ₹5.5 crore had been funneled to Unknown Technologies Pvt. Ltd., Hyderabad, a proxy entity later linked to another suspect. The money was subsequently routed to a private bank account belonging to an unidentified individual.
Police have so far recovered ₹10 crore and are working with Interpol and cyber forensic units to trace the remaining funds across multiple jurisdictions.
The Anatomy of a New Cyber Economy
Cybercrime experts say this operation is emblematic of a growing trend: small-town operatives leasing cloud servers or proxy IPs that are then re-routed through global networks.
“It’s a distributed workforce of crime,” said a senior investigator. “From Dubai coordinators to Belagavi freelancers, everyone has a role.”
