The Criminal Investigation Department (CID) has initiated an investigation against officers of the Central Crime Branch (CCB) in connection with the Bitcoin scam case, according to an officer familiar with the development. The Central Crime Branch, which operates under the Bengaluru police, had probed the Bitcoin scam when it came to light in 2020. The investigation against CCB comes after CID took over the case earlier this month after the Siddaramaiah led-Congress government came to power.
It is alleged that during the investigation CCB officials had tampered with the evidence in the case while it was in their custody, officers familiar with the matter said. A first information report (FIR) has been registered against unnamed CCB officials with Cottonpet police under Section 204 of the Indian Penal Code (IPC) for the destruction of evidence and Section 120(B) of IPC for criminal conspiracy.
As part of the investigation, the CID interrogated Sri Krishna Ramesh, also known as SriKi, a hacker, at least three or four times last week. Sri krishna, who is facing trial in the scam and is out on bail, is being questioned regarding the investigation against him and the role of the CCB officers in tampering with the evidence, said a senior officer.
The alleged Bitcoin scam came to light after Sri krishna, aka Sriki, was arrested by the CCB on November 18, 2020, in connection with a drug peddling case. He had allegedly used bitcoins on the dark web to purchase drugs from international dealers. Subsequent interrogation by the CCB revealed that the software engineer turned hacker was involved in a series of online crimes.
He allegedly hacked into websites to steal their data and lock the owners out of them. He would then demand payment in bitcoins to unlock the websites. He also confessed to creating ‘mirror’ sites, or fake payment portals that mimicked real ones, to steal credit or debit card information for financial gain. The police also stated that he confessed to attempting to steal ₹11.5 crore from the e-procurement cell of the Karnataka e-governance centre, in addition to hacking into some Bitcoin exchanges.
The Congress, which was in opposition at the time, alleged that the Bharatiya Janata Party (BJP) was protecting the hacker involved in the cryptocurrency case. However, the erstwhile chief minister Basavaraj Bommai denied all the charges and clarified that a fair investigation was conducted.
After the Congress government handed over the case to the CID, as part of the investigation, the CID lodged a case against officers of the CCB. The allegations concern the alleged tampering of electronic devices seized from associates of hacker Sri Krishna.
Deputy superintendent of police (DSP), CID, K Ravishankar, filed a complaint against unnamed officers from the CCB who were involved in investigating the 2020 case that implicated Srikrishna and 10 others.
A crucial aspect of the Bitcoin case is the disappearance of vital evidence. In 2021, Sriki faced arrest in connection with the seizure of 31 Bitcoins. The allegations against him centred on the unauthorized withdrawal of Bitcoins from his virtual wallet.
According to the complaint, a digital forensic analysis report of devices seized from Sri krishna’s associates revealed tampering after the devices were confiscated following their arrests in November 2020.
The CID cites a digital forensics report dated February 20 its complaint which indicates that two pen drives seized on November 9, 2020, were tampered with while in police custody, said the officer cited above.
Similarly, an Apple MacBook and a hard disk seized on November 17, 2020, were found to have been tampered with between November 18 and 20. A second MacBook seized on November 19, 2020, was tampered with between November 20 and 21, he added.
“Each digital file has a hash value (a record of digital transaction or file movement). In simple terms, whenever there is movement of any digital file, the hash value changes. In this case, the evidence in CCB custody has undergone such changes, implying possible movement of bitcoins. We suspect that these devices were tampered with within the premises of the CCB office in Bengaluru between November 9 and December 12, 2020,” said a senior CID officer who wished to remain anonymous.
