New Delhi | January 2, 2026 | Delhi’s cyber police have dismantled a sophisticated, multi-layered cyber fraud network, uncovering nearly ₹180 crore in suspicious transactions routed through 20 shell companies and associated mule bank accounts. The investigation took a dramatic turn when the individual in whose name several companies and bank accounts were opened—described by investigators as a mere front man—was found dead under suspicious circumstances at a Noida hotel shortly after an FIR was registered.
According to senior police officials, the action was carried out under Operation ‘Cy-Hawk’, a focused crackdown aimed at breaking fast-growing cyber fraud rings, tracing digital money trails, and dismantling mule-account ecosystems. Preliminary findings indicate that funds obtained through online scams were layered across multiple shell entities to conceal the original source and the ultimate beneficiaries.
A Single Bank Account Unravels the Plot
The probe began with scrutiny of complaints filed on the NCRP portal, where investigators flagged recurring cyber fraud reports. During the analysis, police identified a bank account at IDFC First Bank that was receiving frequent, high-value transfers from multiple states. The account was opened in the name of Kudremukh Trading Private Limited.
Transaction patterns, frequency of credits, and questionable KYC documents quickly suggested that the account was being used as a mule account—a conduit to move illicit funds. This led to the registration of an FIR at the Cyber Police Station, New Delhi district, followed by a wider forensic examination of banking records and digital trails, which exposed the broader network.
Contract Employee Turned ‘Director’
Investigators found that the listed director of the company, Rajesh Khanna, was actually a contract employee with no real business background. During questioning, he stated that companies and bank accounts were opened in his name at the behest of Sushil Chawla and Rajesh Kumar.
Police say the real control—including internet banking access, cheque books, OTPs, and fund movement—rested entirely with the two alleged operators. Using the same blueprint, the network floated 20 shell companies under different names and documents, none of which carried out legitimate business activity. Their sole purpose was to rotate and obscure proceeds of cyber fraud.
176 Complaints, ₹180 Crore Digital Trail
A forensic audit of bank accounts linked to the shell companies revealed 176 cyber fraud complaints from across the country. Initial estimates confirm transactions amounting to around ₹180 crore, though officials caution that the figure may rise as more accounts and transactions come under scrutiny.
Investigators believe the money was moved in multiple layers, sometimes split and recombined, to frustrate detection and delay law enforcement action.
Front Man Found Dead After FIR
The case assumed added gravity when Rajesh Khanna, identified by police as a front man, was found dead in a Noida hotel shortly after the FIR was filed. Early indications suggest he was used as a disposable intermediary, while the network’s key decision-makers operated from behind the scenes.
Authorities have launched a separate inquiry into the circumstances surrounding his death, examining all angles as part of the ongoing investigation.
Arrests, Digital Evidence and Next Steps
Police said Sushil Chawla and Rajesh Kumar initially appeared to cooperate but later stopped responding to notices. Based on mobile chats, banking logs, email records, and other digital evidence, both were arrested.
Searches led to the seizure of two mobile phones and a laptop, which are now undergoing forensic analysis. Data from all seized devices and bank accounts is being shared with the Indian Cyber Crime Coordination Centre (I4C) to map links with similar cases nationwide and identify additional beneficiaries.
Investigators suspect the network may have connections to cyber crime syndicates operating in West Bengal and other states. Officials said the probe is ongoing and more arrests and recoveries are likely in the coming days.
