In a major breakthrough against cybercrime, authorities in Ghaziabad have arrested 3 members of an interstate fraud syndicate accused of cheating citizens of nearly ₹3 crore through malicious Android Package Kit (APK) files disguised as traffic challans and bank notices. Investigators said the gang is linked to at least 94 cyber fraud cases registered across 16 states, indicating a wide operational network.
The arrested accused have been identified as Pintu, Adarsh, and Prashant, residents of Bihar and Jharkhand. Preliminary investigation revealed that the trio sent malicious APK files to victims by masking them as traffic e-challans, RTO notices, banking alerts, or genuine mobile applications. These links were mainly circulated through messaging platforms, prompting users to download and install the files. Once installed, the APK compromised the victim’s mobile device and allowed the accused to access sensitive data, including banking credentials, OTPs, contact lists, and personal information. The stolen data was then used to transfer money into pre-arranged accounts before being withdrawn or rerouted to erase the digital trail.
Officials stated that the gang operated in a planned and decentralised manner. By targeting victims across multiple states, they ensured complaints were geographically scattered, reducing immediate detection. The use of layered bank accounts and staggered fund transfers made tracing the final destination of funds difficult. During the crackdown, authorities seized 12 mobile phones, 2 laptops, 8 SIM cards, and 1 car allegedly used in coordinating the fraud. The devices have been sent for forensic examination to determine the full extent of the operation and identify more victims or collaborators. A detailed review of the 94 cases across 16 states is underway to assess whether the trio acted independently or as part of a larger syndicate. Further arrests have not been ruled out.
Sources said the accused relied heavily on social engineering. Messages were crafted to create urgency and fear, with alerts such as “Your traffic challan is pending,” “Your bank account will be blocked,” and “Update KYC immediately” pushing victims to act without verification. Cybersecurity experts have warned that fraud involving malicious APK files is rising sharply. Citizens are advised to download apps only from authorised app stores and verify official communication through legitimate websites or helpline numbers. A case has been registered under relevant legal provisions, and investigators are examining whether the total fraud could exceed ₹3 crore as digital evidence is analysed.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
