22 August,2022 12:56 PM IST | Mumbai | Faizan Khan
A call centre that targeted Indian loan app borrowers busted in Nepal. mid-day’s investigation from Nepal showed that it was being run by Chinese nationals
Mirroring Mumbai police's probe following a series of reports in mid-day, Delhi cops have busted a Chinese loan app scam and arrested 22 people. They have found that the fraudsters had floated over 100 apps to target Indian borrowers, whose personal data was stored on servers in Hong Kong and China. While the fraud could be between Rs 2,000 crore and Rs 5,000 crore, it is also suspected to be a part of a larger conspiracy against India.
The Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi police's special cell made the arrests from different parts of the country. Those arrested were involved in harassing customers of the loan apps and extorting money through blackmail and abuse with the help of morphed photos.
"It was found that all the apps were seeking malicious permissions from the user. After obtaining the access permissions, the contacts, chats, messages and images of the user were being uploaded to the servers based in China and Hongkong," said KPS Malhotra, DCP, IFSO.
Also read: Mumbai cyber cops nail 5 who extorted money from Bhayandar resident
ALSO READ
Congress: Centre insensitive to statehood restoration demand, will be poll issue
Important matters listed before Delhi High Court on Tuesday
Mallikarjun Kharge: No one should retire in politics
Fire in Delhi's Madanpur Khadar shanties
No water supply on Tuesday in parts of north Delhi due to maintenance work
Delhi cops said the customer data was shared with various modules that operate like the customer relationship management (CRM) process. "This is another concern apart from the whole scam because with the help of such data, the privacy of Indians nationals can be put at risk and it can be used in any other cyber offence or the particular individual can be used in any illegal activities by Chinese nationals," san an officer.
The Delhi police have found that the money extorted from the borrowers of the mobile apps was routed to China through hawala and cryptocurrencies. Further, the apps were being hosted from AWS and Ali Baba servers, which are hosted in India but do not comply with many guidelines as they are American companies.
The IFSO believes that the scam could be Rs 2,000-Rs 5,000 crore or more than that. The agency has discovered that over Rs 500 core has already been diverted to China through hawala and digital currencies.
Along the lines of mid-day's investigation from Nepal, the Delhi police's three-month-long probe has shown that Chinese nationals hired Indians to run the illegal business. Those arrested by them - from Delhi, Haryana, Karnataka, Maharashtra, Bihar and Uttar Pradesh - were working for six Chinese nationals.
These 22 people had different roles. One group extorted money from borrowers; the second group provided WhatsApp numbers and SIM cards; the third set of people managed accounts; the fourth group coordinated with the Chinese bosses, while the fifth batch uploaded borrowers' personal data on servers in Hongkong. Many such groups were found taking care of different functions at the behest of Chinese nationals.
The IFSO arrested a certain Supreet Shetty from Lucknow who is believed to be a big fish. Shetty is a director of a company that was working for the Chinese nationals. Among the other arrested were managers, accountants, group leaders, HR and Chinese coordinators.
Apart from the arrests, the Delhi police have also seized 9 laptops, 25 harddisks, 51 mobile phones, 19 debit cards, 3 cars and R4 lakh cash. The police said the scamsters operated several accounts to transfer money to China. Each of the accounts had a daily transaction of more Rs 1 crore.
The IFSO has found that the 100+ apps are hosted on Google Play Store apart from being promoted through websites and advertisements. Users seeking small loans are required to give the app access to their phones. In the guise of doing KYC, these apps suck out the entire data on the user's phone which they misuse for extortion.
"Due to social fear and stigma, users started paying them money in different bank accounts. The money collected is diverted to specific bank accounts and then after two-three hops, it is sent to China through hawala or after purchasing cryptocurrencies," Malhotra added.
The Delhi cops have also learned that following action by Indian authorities, the Chinese kingpins have started shifting base to Pakistan, Bangladesh and Nepal.
"The victims had submitted their KYC information, including Aadhaar, PAN cards, drivers' licences, and other documents, with the loan applications. By misusing KYC data, these victims' data are also utilised to set up fraudulent bank accounts and fake cryptocurrency exchange accounts. Due to the fact that the collected data is stored on Chinese computers, the Chinese government is able to gather it all and can utilise it to launch several cyberattacks against Indian residents." Said Yasir Arafat Shaikh, Founder & CTO Macksofy Technologies Pvt Ltd said.
"India, the second-largest internet market in the world, has experienced an explosion in personal data over the past ten years as hundreds of people have started using dozens of apps and going online for the first time. However, it has been unclear how much control people, businesses, and government organisations have over it. A law or policies should be in place for the Indian government to handle citizen data across all digital channels." Shaikh added.
51
No. of mobiles seized by Delhi cops