In one of the biggest cybercrimes reported in Bengaluru city, the police have arrested a plumber and a man who has studied up to Class 10 for allegedly helping Hong Kong-based hackers and Dubai-based Indian men siphon Rs 47 crore from a finance firm.
Commissioner of Police Seemant Kumar Singh said on Monday that the arrested men—Sanjay Patel, 43, from Udaipur, Rajasthan, and Ismail Rasheed Attar, 27, from Belagavi—were key players in an international cybercrime network that hacked into the servers of Whizdm Finance Private Limited to execute unauthorised fund transfers. Whizdm operates Moneyview, an app providing instant loans of up to Rs 5 lakh.
The investigation began on August 8 after Whizdm Finance’s senior manager got an FIR registered about multiple suspicious transactions executed between midnight on August 6 and 7, when hackers drained the company’s bank accounts within a mere two and a half hours.
Internal investigations revealed the transactions originated not from official company systems or registered internet protocol addresses, but from foreign IP addresses. Approximately Rs 47 crore was illegally transferred to various bank accounts, with further investigation uncovering an additional Rs 2-crore loss.
Seemant Kumar Singh said that technical investigations uncovered that 1,782 transactions were executed from the company’s bank accounts, distributing funds across 656 different bank accounts nationwide. Among these, one SBI account belonging to Patel, who worked as a plumber in Udaipur, received Rs 27.39 lakh. He was arrested on September 25.
Further investigation revealed that Rs 5.5 crore more was transferred to “Unknown Technologies Pvt Ltd, Hyderabad” before being routed to an ICICI bank account. The police discovered that these transactions had been conducted through an IP address registered to Webyne Data Centre, a server hosting service provider.
On October 9, the police arrested Attar, who had cleared the SSLC exam. He was working as a digital marketer and also offered online freelance services.
“During the probe, it was revealed that Dubai-based Indians had contacted Attar via Telegram, renting five servers he had purchased from Webyne. The servers would’ve been purchased for Rs 1,500 and rented for Rs 2,500,” a police officer explained.
Story continues below this ad
The Dubai-based operatives then contracted Hong Kong hackers who utilised these rented Webyne servers to breach Whizdm’s security systems. The hackers executed unauthorised transfers to 656 bank accounts by posing as instant loan seekers, using Hong Kong and Lithuania-based IP addresses to mask their activities and evade detection.
“We have recovered Rs 10 crore and are hopeful of recovering the rest,” Seemant Kumar Singh said.