When Whizdm Finance Pvt. Ltd. noticed unauthorized fund transfers on August 7, the company suspected a routine internal error. Within hours, however, investigators discovered a far more sophisticated operation — one that would expose a ₹48 crore cyber heist spanning continents.
According to Bengaluru’s Cyber Crime Police, hackers infiltrated the company’s bank systems using foreign IP addresses and executed nearly 1,782 fraudulent transactions across 656 accounts within a 24-hour window. Funds were rapidly dispersed through layered accounts and digital wallets to evade tracing.
“It was a professional, coordinated breach,” said a senior investigator. “The hackers exploited backend APIs to mimic legitimate banking activity, leaving no trace in internal systems.”
The Anatomy of the Heist
Whizdm’s internal audit revealed that none of the transactions originated from whitelisted IPs — the secure network range used for authorized banking operations. Instead, the fraudulent access came from servers rented abroad, including nodes in Hong Kong and Lithuania, suggesting a deliberate attempt to mask the perpetrators’ locations.
Investigators found that the hackers bypassed multiple layers of authentication by manipulating API protocols, allowing them to issue bulk transfer commands that mimicked routine disbursements.
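A check of the kind the audit describes, as an added example that is not from the article or from any party named in it: it flags transfers whose source IP falls outside an allowlist, and API clients whose transfer count or beneficiary count within 24 hours exceeds a threshold. The allowlist range, record layout, client names, thresholds and log lines are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed allowlist (RFC 5737 documentation range); the real range is not in the article.
ALLOWLIST = [ipaddress.ip_network("203.0.113.0/28")]

# Constructed sample log: (timestamp, api_client, source_ip, beneficiary, amount)
SAMPLE_LOG = [
    ("2030-01-01T09:00:00", "disbursal-svc", "203.0.113.5", "ACC-001", 15000),
    ("2030-01-01T09:05:00", "disbursal-svc", "203.0.113.9", "ACC-002", 22000),
    ("2030-01-01T23:10:00", "disbursal-svc", "198.51.100.77", "ACC-900", 49000),
    ("2030-01-01T23:10:01", "disbursal-svc", "198.51.100.77", "ACC-901", 49000),
    ("2030-01-01T23:10:02", "disbursal-svc", "192.0.2.44", "ACC-902", 49000),
    ("2030-01-03T10:00:00", "recon-svc", "203.0.113.5", "ACC-001", 100),
]

def is_allowlisted(ip, networks=ALLOWLIST):
    """True if the source address falls inside any allowlisted network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in networks)

def audit_transfers(log, window=timedelta(hours=24), max_transfers=3,
                    max_beneficiaries=2):
    """Return (off_allowlist_records, {client: (peak_transfers, peak_accounts)})."""
    off_allowlist = [rec for rec in log if not is_allowlisted(rec[2])]
    per_client = defaultdict(list)
    for ts, client, _ip, beneficiary, _amount in log:
        per_client[client].append((datetime.fromisoformat(ts), beneficiary))
    bursts = {}
    for client, events in per_client.items():
        events.sort()
        start = peak_n = peak_accounts = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            peak_n = max(peak_n, end - start + 1)
            peak_accounts = max(peak_accounts,
                                len({b for _, b in events[start:end + 1]}))
        if peak_n > max_transfers or peak_accounts > max_beneficiaries:
            bursts[client] = (peak_n, peak_accounts)
    return off_allowlist, bursts

if __name__ == "__main__":
    outside, bursts = audit_transfers(SAMPLE_LOG)
    for rec in outside:
        print("source IP outside allowlist:", rec)
    for client, (n, accounts) in bursts.items():
        print(f"{client}: {n} transfers to {accounts} accounts within 24 hours")
```

Run inline on the transfer path rather than in a later audit, the same two checks can hold a request before funds move.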
Among the thousands of microtransactions, police identified two domestic beneficiaries — Sanjay Patel and Ismail Rasheed Attar — who allegedly received ₹27.39 lakh and ₹5.5 crore, respectively. The funds were routed through a Hyderabad-based company, Echelon Science Tech Pvt. Ltd., before being moved to a payment gateway firm, Flipo Pay, to obscure the audit trail.
Masterminds Abroad, Local Operatives at Home
Preliminary evidence points to two Dubai-based masterminds who coordinated the attack by hiring hackers in Hong Kong. The group allegedly operated a distributed network of rented servers to remotely control Whizdm’s backend.
Investigators believe the Indian suspects acted as local money mules — opening accounts and providing shell company infrastructure to funnel the stolen money. The cyber police are now working with international law enforcement agencies to trace the digital money trail and identify the foreign controllers.
“The scale of coordination suggests a transnational syndicate with specialized technical expertise,” said a senior cyber officer. “We’ve sought assistance from agencies in Dubai and Hong Kong to track the data and financial flow.”
A Wake-Up Call for India’s Fintech Sector
The Whizdm breach underscores growing vulnerabilities within India’s booming fintech ecosystem, where automated financial services rely heavily on interconnected APIs. Experts warn that as digital lending platforms expand, so does the surface area for attacks.
Bengaluru’s cyber police have frozen several domestic accounts, while digital forensics teams are examining server logs, payment gateways, and VPN records linked to the foreign servers. Efforts are underway to recover the diverted funds, though officials acknowledge that cross-border recovery remains a formidable challenge.
For the country’s fintech firms, the incident serves as a reminder that innovation and security must advance in tandem.
