A 28-year-old Delhi-based MCA student has been arrested for allegedly developing Android Package Kit files that were used in multiple cyber fraud cases across India, with investigators linking the alleged digital fraud ecosystem to more than 3,000 complaints and financial losses exceeding ₹42 crore.
Officials said the accused allegedly created and supplied customised APK files that were later distributed through secondary networks to impersonate government departments, utility services and financial institutions. The fake applications were allegedly designed to trick users into entering personal and banking information, enabling unauthorised financial transactions.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
Fake Apps Designed Around Government and Utility Services
The case surfaced after several cybercrime complaints were registered on the National Cyber Crime Reporting Portal, where victims reported receiving suspicious APK files through messaging platforms. Investigators later found a coordinated pattern involving similar app structures and fraudulent user interfaces.
Forensic analysis of electronic devices seized from other accused individuals led to the identification of more than 250 APK files. A laptop linked to the arrested developer reportedly contained over 100 independently created APK variants.
Officials said the applications were designed around different fraud themes, including fake electricity bill updates, gas connection verification, RTO challan payments, PM Kisan scheme updates and banking alerts. Victims were allegedly prompted to install the files under the pretext of updating service accounts or verifying billing information.
Over 3,000 Complaints Linked to APK Network
Investigators estimate that data linked to the APK files corresponds to nearly 3,000 cyber fraud complaints across India. The financial impact under review is believed to be around ₹42 crore, though officials said the figure may rise as more linked cases are analysed.
The arrested accused was reportedly pursuing a Master’s degree in Computer Applications and allegedly worked as a freelance web developer. Investigators believe he initially offered app development services online before being approached by individuals who later used his technical work for fraudulent activities.
According to the findings, the APK files were sold at relatively low prices to intermediaries, who then modified and redistributed them at higher rates to other members of the network. These intermediaries allegedly deployed the applications through social media platforms and messaging apps.
Money Trail and Wider Network Under Probe
The investigation has revealed that several accused involved in the distribution chain were from different states, including Jharkhand and other regions. Officials said the group was linked to dozens of registered FIRs across Mumbai and other cities, while additional cases are being examined in Telangana, Kerala and Maharashtra.
Investigators also found that the APK infrastructure had been hosted on servers that were later shut down by service providers after suspicious activity was flagged. Authorities, however, believe that multiple clones of the applications may still be in circulation.
Digital forensic teams are now tracing financial beneficiaries, layered transactions and possible links to additional developers or overseas entities. Officials have indicated that further arrests are likely as the probe expands, while citizens have been urged to avoid installing APK files from unknown sources and rely only on official app stores for service-related downloads.
