Uttarakhand Cyber Police Busts Gang Stealing OTPs via Malicious APK File

The Cyber Crime Police Station in Dehradun (STF) has successfully apprehended the leader of a gang involved in a Rs 32 lakh cyber fraud from Haridwar. The arrested individual has also been implicated in 19 other fraud cases across 12 different states, as reported by various state police departments.

Cybercriminals posing as employees of PIMCO Capital and Kotak Securities created fake websites for stock trading and deceived people across the country into investing their money. In June 2024, a complaint was filed with the Cyber Crime Police Station involving cyber fraudsters who manipulated the victim into joining a WhatsApp group called “E19 PIMCO Stocks Pull Up Group,” where the fraudsters, posing as PIMCO Capital and Kotak employees, encouraged the victim to download a fake app, Kotakss.Pro, for stock trading. The victim was then swindled out of Rs 31,98,742 through various transactions. Consequently, a case was registered under FIR No. 43/2024 under sections 420, 120-B IPC, and 66(D) of the IT Act against unknown persons.

The investigation was handed over to Inspector Vijay Bharti of the Cyber Crime Police Station. Through detailed investigation and technical analysis, the police arrested a 31-year-old accused from Faridabad, Haryana, from the Jamalpur Road area in Haridwar. A mobile handset with two SIM cards, one of which was used to receive SMS alerts for the fraudulent bank account, was recovered.

Seized Items
– 1 mobile handset with 2 SIM cards and a 32GB SD card

Modus Operandi:
The accused, along with accomplices, created fake websites for stock trading companies, posing as officials or employees to defraud the public of their hard-earned money. They lured victims through WhatsApp calls and messages, offering lucrative returns on stock trading. Victims were added to fake WhatsApp and Telegram groups, where they were tricked into downloading fake apps and investing money, which was then siphoned off to various bank accounts controlled by the fraudsters.

The gang used various social media platforms to solicit current and savings accounts, redirecting them to WhatsApp numbers. Those willing to sell their accounts provided the details, which were then physically distributed. Services like Rapido, Ola, and Uber were used to collect bank accounts from different cities. The criminal used an OTP-sharing app called HHSMSApp to send bank OTPs to other gang members online.

This app is used to share bank OTPs online. Such apps input bank SMS alert numbers and send the bank OTPs to other gang members online. Both Google Play Store and Android phones block such apps, so criminals share them as APK files via WhatsApp groups. These APK files are installation files shared through social media messengers, where the APK file link is shared. Upon clicking the link, the phone installs the app just like any other app.

The arrested accused has received suspicious amounts totaling Rs 71 lakh in his bank account. He also confessed to sharing photos of blank cheques, bank account QR codes, and debit card front/back pages with other gang members via WhatsApp.

The accused is involved in 19 other fraud cases across 12 different states, including Haryana, Karnataka, Rajasthan, Tamil Nadu, Uttar Pradesh, Jharkhand, Telangana, Andhra Pradesh, Gujarat, Kerala, Maharashtra, and Rajasthan, as reported by various state police departments.

Police Team:
1. Inspector Vijay Bharti
2. Sub-Inspector Himmat Singh
3. ASI Manoj Beniwal
4. Constable Neeraj Negi
5. Constable Yogeshwar Prasad Kanti

Senior Superintendent of Police, STF Uttarakhand, Mr. Ayush Agarwal, appealed to the public to avoid using any fake websites, mobile numbers, or links for online jobs or investments/trading. He urged individuals to verify such sites thoroughly with local banks or relevant companies before applying for any online jobs. He also advised against searching for customer care numbers on Google and to immediately contact the nearest police station or Cyber Crime Police Station in case of any suspicion. In the event of a financial cybercrime, the public is urged to contact the helpline number 1930 immediately.

Adding to the caution, Ankush Mishra, DySP, Cyber Crime, Uttarakhand, advised the public to beware of malicious APK files and not to download any such files based on directions from unverified sources.