Bengaluru’s Central Crime Branch (CCB) has dismantled a major international cybercrime racket, revealing a hacking operation that siphoned off ₹47 crore (approximately $5.6 million) from a private finance company in just two and a half hours. The Cyber Crime Wing of the CCB confirmed the arrest of two individuals involved in the scam, while the primary masterminds are suspected to be based in Dubai.
Massive Heist in Just Two and a Half Hours
The financial breach occurred on the night of October 6, when hackers infiltrated the systems of Wisdom Finance Pvt. Ltd. and executed 1,782 unauthorized transactions within a span of two and a half hours. The stolen funds were funneled into 656 different bank accounts across India.
According to the complaint filed by a senior manager of Wisdom Finance, the transactions did not originate from the firm’s official systems or registered IP addresses. Instead, they were traced to foreign IPs, notably from Hong Kong and Lithuania.
City Police Commissioner Seemant Kumar Singh stated, “This is the first of its kind of case cracked by the CCB team. We have gathered the details of the accused in Dubai, and efforts are on to track them down.” The police also announced a partial recovery of ₹10 crore (approximately $1.2 million) from the stolen funds.
Local Arrests Expose the Indian End of the Cybercrime Racket
The Cyber Crime Wing investigation led to two arrests in India who acted as facilitators in the cybercrime racket. The first suspect, Sanjay Patel, a 43-year-old plumber from Udaipur, Rajasthan, allegedly supplied “mule accounts” used for laundering stolen funds in exchange for commission. Authorities traced Patel after detecting a suspicious transfer of ₹27,39,000 (around $33,000) into a State Bank of India account linked to him, as reported by The Hindu.
Further investigation uncovered another major transaction of ₹5.5 crore (about $650,000) transferred from Wisdom Finance to Unknown Technologies Pvt. Ltd., a Hyderabad-based company. The funds were later routed through a private bank account belonging to another individual.
These transfers were traced to IP addresses hosted by Webyne Data Centre, revealing a crucial digital trail. Police later identified Ismail Rasheed Attar, a 27-year-old digital marketing executive from Belagavi, as the person who had purchased the IP addresses used during the heist. Attar, a high school dropout, was arrested shortly after.
Dubai-Based Masterminds Hired Global Hackers
Investigations by the Cyber Crime Wing revealed that two Dubai-based masterminds orchestrated the attack. They reportedly rented five servers using the IP addresses obtained from Attar and then hired hackers from Hong Kong to infiltrate Wisdom Finance’s API systems. By exploiting security vulnerabilities, the hackers bypassed the company’s internal defenses and initiated the massive fund transfer.
The CCB suspects that the Dubai-based operators coordinated their activities using encrypted communication platforms and cryptocurrency wallets to pay the international hackers. The stolen money was quickly moved through hundreds of mule accounts, making it difficult to trace.
Although the two arrested suspects were low-level operatives, the evidence recovered—including IP logs, bank transaction records, and communication data—has provided investigators with leads on the larger network.
Cross-Border Coordination to Combat Cybercrime Rackets
The Cyber Crime Wing continues to collaborate with international law enforcement agencies to locate the primary culprits and recover the remaining funds. Officials noted that this case highlights the global and organized nature of cybercrime rackets, which often operate across multiple countries using advanced technology and digital anonymity.
Law enforcement authorities also issued a warning to businesses to tighten their cybersecurity systems, particularly those engaged in large-scale online transactions. They urged financial institutions to implement stricter monitoring tools to detect suspicious activities, especially during late-night hours when such breaches are more likely to occur.
