The Cyber Crime Police Station of CID Jharkhand has uncovered a Chinese-linked investment scam and digital arrest fraud network operating out of Olive Garden Hotel in Ranchi. Acting on a credible intelligence tip-off, CID officials carried out swift raids that led to the arrest of seven operatives and a special agent working on behalf of Chinese companies.
According to officials, the gang was engaged in illicit financial transactions using mule bank accounts and was closely associated with Chinese cybercriminals through apps such as Moonpay, Dragonpay, Superpay, and Mangopayindiaa. The arrested individuals were allegedly operating from various parts of India and were tasked with supplying bank accounts used in illegal schemes.
A Sophisticated Modus Operandi with Chinese Links
The investigation revealed a highly coordinated digital fraud mechanism, where agents received malicious .apk files via Telegram. Once these were installed on SIM-linked bank accounts, the apps silently transmitted OTPs and bank alerts to remote servers controlled from China, enabling the syndicate to access and drain funds from Indian accounts.
The fraudulent proceeds were laundered through a web of 60 mule accounts, many of which are now linked to at least 68 FIRs across multiple states, registered on the National Cybercrime Reporting Portal (NCRP). The syndicate exploited digital vulnerabilities to orchestrate large-scale frauds, leaving a trail of financial and psychological distress among victims.
Authorities have booked Cyber Crime PS CID Case No. 77/25 under multiple sections of the Bharatiya Nyaya Sanhita (BNS), along with Sections 66B, 66C, and 66D of the IT Act, 2000.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Arrests, Seizures, and a National Alert
The arrested individuals have been identified as:
- Kumar Deepak (Siwan, Bihar)
- Kumar Saurav (Nalanda, Bihar)
- Prabhat Kumar (Siwan, Bihar)
- Lakhan Chourasiya (Sagar, Madhya Pradesh)
- Shivam Kumar (Nawada, Bihar)
- Anil Kumar (Patna, Bihar)
- Pradeep Kumar (Patna, Bihar)
Seizures made during the operation include:
- 12 mobile phones
- 11 SIM cards
- 14 ATM cards
- 1 laptop
- 1 cheque book
- Digital evidence linking 60 mule accounts recovered from WhatsApp and Telegram chats
This operation is part of Jharkhand Police’s intensified anti-cybercrime drive and marks a significant success in disrupting transnational cyber fraud syndicates. The CID has urged citizens to stay alert and report suspicious links, calls, or investment offers immediately via www.cybercrime.gov.in or by calling the Cybercrime Helpline 1930.
A Wake-Up Call for Cyber Vigilance
The Ranchi bust underscores the evolving threat of international cybercrime, with fraudsters increasingly using local agents and sophisticated tech tools to scam Indian citizens. The Jharkhand CID’s action highlights the critical need for public awareness, digital hygiene, and inter-agency cooperation in tackling such crimes. As more such networks are expected to surface, enforcement agencies remain on high alert to protect the digital trust of millions.
“This is a major crackdown on an international cyber fraud syndicate. The operation will significantly reduce cybercrime by disrupting the supply chain of mule accounts and sending a strong deterrent message,” said Chief Mentor, Centre for Police Technology and FCRF, Prof. Triveni Singh Ex-IPS. He also suggested a few actionable points for related agencies:
What Police can do in Investigation?
1. Focus on Hotels where these kind of activities take place.
2. Spread Awareness in their jurisdiction regarding “Harm of Renting their Bank Account”
3. Use advanced investigation techniques for identifying such payment Gateways. Gujarat Police had arrested 4 Taiwanese nationals recently who were masterminds behind some chinese payment gateways
What Banks can do?
1. Enforce RBI and FIU Regulations.
2. Geolocation based account access analysis – to check multiple accounts operated from same location.
3. Strengthen account opening procedure – mule detection mechanism can be deployed.
What Regulators can do?
1. Create a joint work group to study the potential harm by ‘unregulated’ Chinese payment gateways.
2. Alternate of one time password for transaction approval can be thought upon.
3. Keep a track on the chinese payment gateways.
To counter such widespread exploitation of India’s financial infrastructure, the Indian Cybercrime Coordination Center (I4C) under the Ministry of Home Affairs has issued a nationwide alert. The advisory, stemming from collaborative intelligence gathered during recent operations by Gujarat and Andhra Pradesh Police, highlights how transnational syndicates are using rented or mule bank accounts to create illegal payment gateways. These accounts are often scouted through social media platforms like Telegram and Facebook and are linked to shell companies or individuals willing to sell access to their credentials for a quick sum. Once operational, these fake gateways are exploited for laundering illicit proceeds from fake investment sites, gambling networks, and stock trading scams. Some of the payment systems flagged during the crackdown include PeacePay, RTX Pay, PoccoPay, and RPPay — all suspected to be operated by foreign nationals offering ‘money laundering as a service.’
In light of these revelations, I4C has urged citizens to refrain from selling or renting out their bank accounts, company registration certificates, or Udyam Aadhaar credentials. The consequences, authorities warn, are not only financial but legal — with the potential for arrest and prosecution under the new criminal laws and the IT Act. Banks have been advised to strengthen internal checks to detect patterns of misuse, while law enforcement agencies continue to investigate the wider network. The public is encouraged to remain vigilant and report suspicious cyber activities through the national helpline number 1930 or the Cyber Crime Reporting Portal (www.cybercrime.gov.in). I4C also recommends following its official “CyberDost” social media handles for updates and alerts in the fight to build a Cyber Secure Bharat.