CBI busts ₹1,000 crore cyber fraud by international syndicate, 111 fake companies busted

The network is reported to have used 111 shell companies created with forged documents, fake directors and fake addresses to handle illicit funds. The fraud targeted thousands of victims through fake apps and job offers, as well as Ponzi schemes and multi-level marketing (MLM) models.

CBI The investigation revealed transfers of over ₹1,000 crore to hundreds of bank accounts, with one account receiving over ₹152 crore in a short period.

The case was registered by the Cyber ​​Crime Coordination Center (I4C) under the Ministry of Home Affairs (MHA) after it provided information about the increase in complaints about fake investment and job apps. What appeared to be minor scams were finally exposed ‘CBI’Forensics and payment trail investigation as a shared backbone connecting dozens of applications and financial channels.
According to the agency, the inquiry revealed a ‘highly coordinated and technology-driven’ network that used substantial digital and financial infrastructure to conceal its operations.

“Using Google ads, bulk SMS campaigns, SIM-box messaging systems, fintech platforms and multiple origin bank accounts, the syndicate allegedly lured victims into giving up their savings through deceptive online schemes – ranging from work-from-home offers to Ponzi-style investment and gaming apps,” a CBI The Indian Express quoted the spokesperson as saying.

“The investigation has established that, since 2020, shell companies were incorporated in India at the behest of foreign handlers and their Indian associates purchased identity documents from unsuspecting individuals and used them to incorporate companies and open bank accounts. These entities were then used to systematically channel the proceeds of cyber fraud, which were layered through multiple accounts and platforms to obscure the money trail and ultimate beneficiaries.”

Reportedly, searches at 27 locations in Karnataka, Tamil Nadu, Kerala, Andhra Pradesh, Jharkhand and Haryana resulted in the seizure of digital devices and financial documents.

A UPI ID linked to two Indian suspects remained active from a foreign location until August 2025, indicating real-time foreign surveillance.

According to the forensic investigation, substantial communication links were revealed between the Indian operators and their foreign handlers, identified as Chinese nationals Zou Yi, Huan Liu, Weijian Liu and Guanhua Wang, who allegedly controlled the operations from outside.