Varanasi: A major cyber fraud network has been exposed with the arrest of two cousins who allegedly targeted people across the country after receiving cybercrime training in Jharkhand’s Jamtara and later operating from West Bengal. Investigators say the accused used malicious APK files to hack mobile phones and carried out cyber fraud worth about ₹50 lakh.
According to the investigation, a brick trader from Ramnagar in Varanasi, Anoop Gupta, was among the victims targeted by the gang. The accused allegedly sent him an APK file, which once downloaded allowed them to gain control of his mobile phone. Using access to OTPs and other sensitive banking information, the fraudsters siphoned off ₹8.38 lakh from his account.
FCRF Launches Flagship Certified Fraud Investigator (CFI) Program
Cyber fraud techniques learned in Jamtara
Investigators revealed that the two accused had earlier received training in cyber fraud operations in Jamtara, Jharkhand, which is known for cybercrime activities. Due to existing cases registered against them there, they reportedly shifted their operations to another state and established a base in Andal in West Bengal.
Operating from Andal, located about 64 kilometers from Jamtara, the cousins allegedly ran their cyber fraud network and targeted individuals from different parts of the country using digital communication tools.
Surveillance and digital footprints lead to arrests
After the complaint regarding the cyber fraud was registered, investigators launched a technical probe using surveillance and digital footprint analysis. Mobile numbers, bank accounts and online activity linked to the suspects were carefully examined.
Based on these digital clues, authorities tracked the accused to Andal in West Bengal and arrested them. The investigation revealed that the cousins were operating in an organized manner and withdrawing the fraudulently obtained money through multiple bank accounts.
Telegram bots used to target victims
During interrogation, investigators learned that the accused used Telegram bots to reach potential victims. Through these automated tools, they sent messages to a large number of people and persuaded them to download APK files on various pretexts.
Once a victim downloaded the file, a Trojan and SMS forwarder–based malware was activated on the phone. This malware enabled the accused to receive OTPs and banking-related messages from the victim’s device.
With access to these credentials, the fraudsters were able to transfer funds from victims’ bank accounts and route the money through mule accounts to avoid detection.
House purchased using fraud money
Investigators also found that the accused used part of the fraudulently obtained money to build assets. Out of the approximately ₹50 lakh obtained through cyber fraud, about ₹25 lakh was reportedly used to purchase a house.
Additionally, the accused purchased several mobile phones and digital devices to run their cybercrime network. The probe revealed that the gang used around 10 mobile phones for different operational activities.
Nearly 100 people believed to be targeted
Authorities believe that the two accused had targeted nearly 100 individuals across different states. They would send messages to potential victims and attempt to lure them into downloading the malicious APK files.
Officials say more people may be involved in the network and further revelations are expected during the ongoing investigation. Authorities are currently examining bank accounts, financial transactions and digital records linked to the suspects.
Investigators believe the cyber fraud operation was carried out in an organized and systematic manner. Efforts are now underway to identify other members of the gang and the mule accounts used to move the stolen money.
About the author — Suvedita Nath is a science student with a growing interest in cybercrime and digital safety. She writes on online activity, cyber threats, and technology-driven risks. Her work focuses on clarity, accuracy, and public awareness.
