Vijayawada: Eluru police busted an international cybercrime syndicate involved in the ‘digital arrest’ scam. The case, registered at Eluru II town police station, originated from a complaint by a 66-year-old woman from Eluru, who was duped of Rs 51.9 lakh by fraudsters posing as Delhi Police and Enforcement Directorate officials. The scammers claimed her Aadhaar number was used in illegal transactions and displayed a forged digital arrest warrant, forcing her to transfer money for ‘investigation clearance.’She was kept under psychological confinement for 72 hours and eventually reached out to Eluru SP P Shiva Kishore at midnight, leading to the exposure of a multi-state and transnational cyber syndicate. The investigation revealed that the syndicate operated from Southeast Asia, primarily Cambodia, using SIM boxes and VoIP gateways with Indian virtual numbers to target victims. Once they established contact, they coerced victims into transferring funds under the pretext of avoiding arrest. The transferred money was immediately routed through a complex chain of mule bank accounts, cryptocurrency wallets, and money laundering networks spread across India and abroad.According to Eluru SP P Shiva Kishore, “This case marks a critical breakthrough in identifying how international cyber syndicates are exploiting fear and authority to extort victims through psychological manipulation. The coordination between state and central cyber agencies was instrumental in unmasking the transnational money trail.”Eluru police investigation identified an organised four-layer criminal structure. The first layer, the ‘digital arrest cell’, handled fake law enforcement calls through Cambodian VoIP routes. The second involved mule account aggregators who sourced corporate bank accounts via Telegram and field networks. The third layer comprised operators who installed malicious APKs on victims’ or mules’ phones, allowing remote access to banking apps. The final layer, cash conversion agents, withdrew laundered funds, converted them into cryptocurrency, and distributed commissions.Eleven key accused were arrested across Uttar Pradesh, Maharashtra, and Karnataka. They include bank employees, mule handlers, and cryptocurrency operators. Among them, Maharashtra police constable Sandeep Wakpanjar and a senior bank manager were found complicit in enabling the fraudulent transactions. Police seized 12 mobile phones, one laptop, over 150 bank accounts and ATM cards, five crypto wallets, 112 illegal payment gateways, and 12 APK files linked to Chinese-controlled servers. Investigators traced Rs 357 crore worth of suspected transactions and froze multiple accounts.Forensic analysis of the APK file “SMS_release_20250715_1.1.0.apk” showed it was an SMS forwarder app communicating with the domain admin.yespayment.net, hosted on a Chinese-controlled server. The app recorded every forwarded message, auto-restarted after device unlock, and bypassed Android security restrictions, confirming its role in fund diversion.Crypto transaction tracking revealed that the stolen funds were converted to stablecoins such as USDT on Binance and later to Chinese Yuan (CNY). Investigators also uncovered the use of smart contracts compliant with EIP-4337 and EIP-7702 protocols, which allowed automated and untraceable transfers between wallets without direct human intervention.The investigation was led by Eluru SP P Shiva Kishore under the supervision of EAGLE (Eluru Anti-Gang and Law Enforcement) Chief Ake Ravi Krishna, who coordinated with multiple agencies, including I4C, CERT-IN, BharatPol, and police teams from Uttar Pradesh and Maharashtra. “The Eluru Police have demonstrated how a single local complaint can lead to dismantling a global cyber-laundering system. Every mule account identified is a fraud prevented; every server traced is a crime stopped,” said Ake Ravi Krishna.Ravi Krishna further added that the case has become a model for inter-state coordination and international cybercrime investigation. Andhra Pradesh Police have recommended policy reforms, including establishing a dedicated Cyber Crime Task Force, a centralised mule account registry, real-time KYC verification for corporate banking accounts, and a national public awareness campaign on “Digital Arrest” scams.Investigations is ongoing to trace the Cambodia-based VoIP infrastructure and Chinese payment gateways linked to the syndicate. Police have also sought assistance from international agencies to track crypto wallets and overseas money laundering operations connected to this digital extortion racket.
