Hyderabad, March 30 (Bureau) Hyderabad police on Wednesday arrested a Nigerian National, the kingpin in the Mahesh Bank e-fraud case. An amount of about Rs.12.48 crore was swindled by the two Nigerians– Ikpa Stephen Orji and another code-named Capital , who came to Hyderabad at the time of offence, met with the account holders and transferred funds from the four accounts to various other bank accounts, Hyderabad Commissioner of Police C V Anand said at a press conference here. Apart from the four bank accounts, the hackers also attempted three more bank accounts of the same bank but were not successful, he said. Through Internet Banking from the accounts, RTGS/NEFT Transactions were made, and the amount was transferred into 115 different bank accounts of different banks and from there into 398 different bank accounts, the CP said that most of the beneficiary accounts are in Delhi, Haryana, Uttar Pradesh, West Bengal, Maharashtra, Karnataka, Kerala and 7 North eastern states. The money was later withdrawn from 938 ATMs all over India.
Cyber Crime Police Hyderabad responded immediately and succeeded in freezing an amount of Rs. 2,08,55,536 before they were withdrawn from ATM sand another amount of Rs.1,08,48,990- was refunded/returned to the AP Mahesh Co-operative Urban Bank because of the incorrect beneficiary details, he said. Based on a complaint lodged by the bank officials on January 24, 2022, the Cyber Crime Police station had registered a case in U/Sec 66 r/w 43 66(C) 66(D) ITA Act-2000 and U/Sec 419,420 IPC regarding the swindling of amount of Rs.12.48 Crore from the AP Mahesh Co-Operative Urban Bank Limited by some unknown hackers by altering the balance in four accounts and transferring it in to 115 different accounts across the country. Special teams were formed to apprehend the suspects across the country and the teams were sent to Delhi, Haryana, Uttar Pradesh, West Bengal, Maharashtra, Karnataka, Kerala and 7 North east states.
IP logs for the Internet Banking of the above said bank accounts were obtained and it was found that the IP addresses are proxies with locations indicating USA/Canada/Romania. The hackers used VPN services of a Bihar based company and from them, the Proxy IPs were allocated to the persons from the UK. Cyber forensics concluded that the hackers entered the system of the AP Mahesh Co-operative Urban Bank through phishing mails containing a Remote Access Trojan (RAT) sent to the employees of the bank on November 4, 10, 16, 2021. Once the mails are opened and clicked upon, the RAT gets embedded in the computer of the bank. Through the RAT software, the hacker got access to the computers of the bank. Since all the systems in the bank are interconnected, the hackers were remotely able to access the Core banking server of the bank. On the day of the actual hack, the hackers entered the core banking server and altered the balance in the four accounts already opened under their supervision, from there the amount was transferred to various accounts to be withdrawn, Anand said. The arrested Ikpa Stephen was being produced before the local court.